Securing VPN access and SSH connections with Multi Factor Authentication (MFA): the case of an Italian financial organization

Our Client, a leading company in Italy, is one of the leading asset management companies, present in more than 12 countries worldwide, with a focus on emerging markets. Operating in the financial sector, cybersecurity is at the top of the group's priorities.

The main objective of the Company's Security Team was the easy, fast and secure implementation - by design - of a Multi Factor Authentication (MFA) solution that would prevent unauthorized access to the corporate network by protecting VPN and SSH connections.

The challenge: securing VPN and SSH connections with MFA Cisco DUO Secure Access

Due to the size and decentralized structure of the Client company, a major MFA project was developed with Cisco Duo Secure Access.

The goal of the project was to ensure internationally, all employees and external consultants could access internal networks to have the necessary resources and tools at their disposal.

Market analysts, executives, engineers, consultants, administrative staff as well as the IT team remotely had to be able to access the company's network in order to perform their duties while meeting the very high security standards required by the company and no matter where they were.

The need for VPN access and connections and increasingly stringent security policies have made the practice of identity verification and the application of timely and traceable authorization policies essential.

Cisco Duo Secure Access: an extremely versatile solution perfect for any user access scenario

The questions that the customer asked us, and that underlie the choice of Cisco Duo, were mainly about the possibility of integration with existing enterprise infrastructures: "Can we use it with third-party applications?"; "Will we be able to integrate it with the existing infrastructure?"
The answers to these questions are simple: the Cisco Duo Secure Access MFA works with all of the Customer's VPN types and SSH solutions.

As a Cloud-based solution, moreover, Cisco Duo Secure Access offers the highest levels of security but keeps costs low by eliminating the need for on-premise software and hardware, thus reducing the need for support and the resulting economic overhead.
The extensive documentation provided by Cisco enabled the Customer's development team to acquire the skills to implement the necessary solutions and integrations.

Mobile APP and SMS notifications always available anywhere

Other concerns were due to possible limited network connectivity: "Will we be able to use multi-factor authentication, or will we not be able to access our networks in case of limited connectivity?"; and again, "Can international teams safely travel and access from remote locations?"
The Client was able to verify that push notifications in Duo's mobile APP work anywhere in the World; the same for SMS notifications used in countries reached by Group employees.

Duo allows you to focus on what is really important: your Customers

By verifying user identities with MFA, then applying access policies that protect both cloud and on-premise applications and simplify their access with secure single sign-on, the choice of the solution enabled our Client to worry less about security and focus more on its business.

In fact, Duo allows users to check the security integrity of their devices and block, alert, or notify users with risky devices.

Cisco Duo Secure Access met all of the Customer's requirements, providing an extremely versatile solution perfect for every different employee access scenario.