Cisco’s recently released their 2020 CISO Benchmark Report that makes several key recommendations for security professionals to achieve a zero trust vision. The following are a couple of recommendations that are relevant to the discussion in this blog regarding device trust:
Enterprise IT networks have changed significantly in the last few years. Businesses are leveraging cloud and mobile technologies to enable faster digital transformation. At the same time, IT teams need to optimize for cost and productivity.
From a cybersecurity standpoint, this means enabling secure and direct access to business applications for a diverse set of users – remote workers, vendors and contractors; and their devices that typically reside outside of the control of corporate EMM (enterprise mobility management) and MDM (mobile device management) solutions.
Enforcing security policy compliance seamlessly across managed, BYOD and 3rd-party devices poses a significant challenge for the security team. In most cases, IT security teams lack the insights and an enforcement mechanism when making an access decision on endpoints, particularly among the unmanaged devices. There’s a few key checks that organizations should perform before granting access in order to attest whether a device is trustworthy:
Duo enables organizations to verify the trustworthiness of any device – managed or unmanaged – by providing the following three key capabilities:
Duo’s extensive logging and reporting enables organizations to maintain inventory of all devices accessing corporate resources. A comprehensive dashboard helps administrators understand the overall organizational security posture, and a quick drill-down with a few clicks allows them to identify users that are using risky devices running out-of-date operating systems (OS), browsers, Flash and Java versions. And all of this data can be easily exported to popular log management and analysis tools.
Duo’s novel approach to assessing device health posture is geared to address the diverse population of managed and unmanaged devices that access enterprise networks. Duo helps administrators ensure that their endpoint fleet is in compliance with corporate security policies and empowers end users with self-remediation, which reduces the number of IT tickets raised or calls to a support help desk.
Learn more about Duo’s Device Trust.
Use Case | Duo Feature | Implementation Option |
Maintain inventory of all devices accessing protected applications | Device Insight | Agentless / Browser-based |
Enforce risk-based access controls for managed and unmanaged devices (BYOD) | Device Insight
|
Agentless / Browser-based
|
Device Health App
(MacOS, Windows); (iOS, Android) |
Application-based (offers granular control) | |
Protect your environment and limit access to corporate-managed devices | Trusted Endpoints
(Works with JAMF Pro, AirWatch/ Workspace ONE, MobileIron, Microsoft Intune, etc….)
|
Certificate-based |
For organizations, all this translates to reducing cyber risk and enforcing cyber hygiene. Try it for free by signing up for a 30-day trial.
The post Enforce Endpoint Compliance and Cyber Hygiene With Duo Device Trust appeared first on Cisco Blogs .