Getting Started With Duo Security

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello and welcome to today's webinar this is a getting started with duo event a special demo event you all are here because we invited you from one of the past events where you indicated that you'd like more information about the duo security event so thank you for your interest and thank you for joining us on today's special demo webinar this is intended to be roughly a 30 minute event and we are just going to jump really quickly into it after I have just a couple slides here of introduction so my name is David Davis of actual tech media and I'm excited to be your moderator on today's event we want this to be a very educational event obviously it's all around demo it's all around duo security multi-factor authentication zero trust all those things and we want you to get your questions answered so we encourage you to use the questions and answers box there in the GoToWebinar control panel we have an expert home about to introduce here in just a minute from duo security who will be doing a dedicated Q&A session at the end of the event where I'll be asking the best questions that you have submitted through that through the GoToWebinar questions and answers box so feel free to use that during the event during the demo and we'll be answering the best questions at the end and without further delay I'm excited to introduce today's presenter that is Zoe Lindsey security strategist at duo Zoe thank you so much for being on the event today hey how you doing it's great to have you on I love these like short fast-paced demo events so I'm excited to see what you have lined up for us today I'm going to go ahead and transfer control over to you great great let's see here everybody able to see my screen I can yes take it away awesome excellent hey everybody thanks so much for joining today so my understanding is that you joined one of our earlier webinars where we were very much talking about philosophy and method more so than nuts and bolts today we're going to dive right into the the nuts and bolts here so let me just go ahead and skip forward so today we are going to be talking about the authentication methods the duo supports the end-user experience including self remediation what advanced device insight is and how it figures into your security posture we're gonna go through configuring an application including policy and control settings at a granular level enrolling users and question answer all in half an hour so I'm gonna try and speed through some of this as quick as I can but please do you add any questions that you have I want to make sure that we can get through as many of those as possible so this means today that I'm pretty much exclusively going to be talking about nuts and bolts I will try and include a little bit about why we try and follow these best practices but I would encourage you if you have more questions about why do Oh go about doing some of the implementation steps that we do I'm happy to answer those either in QA or in follow-up one of the things that you oh really wants to do is make sure that we are providing Universal visibility and control of the foundation of that is making sure that every user has a way that they are able to authenticate so along with giving you the policy tools to restrict these to only the factors that you want to allow for your environment we do allow a wide variety of methods for authentication by far the most popular of those methods would be push you can see a screen cap of that here to the right of that little chart that is a interactive authentication method that goes out of bands to a user's device provides them with some contextual information the organization name and logo the user attempting to login the IP address that that requests coming from the time of the request and the system being accessed and based on that information the user can either easily approve by pressing the green button or deny that authentication request by pressing the red button it provides a higher level of convenience versus legacy methods like typing in a passcode but also has some security benefits because it is going out of band and it's using a stronger encryption method than the shared seed secret that hardware tokens or soft tokens would work from push authentication is going to be a public private encrypted communication along with push because we know that while it'd be great not every single user is going to have a smartphone we are able to work through traditional telephony based methods SMS and phone call back I will say that these have been depreciated as recommended methods and so if you have a limited use cases where you need them they are available but if you have options for stronger alternatives for your users that are viable in that use case I'd encourage you to look at those we support newer technologies like u2f and wearables as well as biometric based authentication through face ID touch ID or fingerprint scanners on Android as well as you know there are still some use cases where a hardware token may be the only viable method so we do support those you can either purchase directly from us and have those imported into your admin panel or purchase from any vendor of your choice and we have some tools to allow you to import them finally I think I skipped over this push does require an internet connection either cell or Wi-Fi data however if the user does not have any connectivity on their mobile device there is also the option of a soft token authentication with a passcode generated in the app like you see on the far right here that will work even if the phone is in airplane mode so now we're going to flip over to the fun stuff and get into a live demonstration here so the first thing that I would like to show you actually is from the users perspective active or a live login into a resource and we're actually going to go through this very quickly twice the first time I'm going to enroll as a new user so you get to see you can see what the process is for a new user using one of our enrollment options that can be leveraged self enrollment let me make this a little bit bigger so when we're asking users to go through this process to add themselves as new users we want to make sure that we're communicating clearly with them and letting them know what we're asking them to do that starts with explaining what the process is that we're asking them to participate in so here we're letting them know we just need to take a moment to add a device to help keep their account secure and this enrollment process is contextual which means every step along the way what I am asked in subsequent screens is based on my previous responses if I choose a landline here it asked me for a phone number and then it also gives me the option to add an extension if I say that I'm going to use a web authentication on a Macbook it's just going to bring up that prompt for me to enroll touch ID whereas if I choose mobile phone like I'm gonna do here it asks me for a phone number and then since I said I have a mobile phone it asks me whether this is a smart phone or a feature phone I say I've got an iPhone so now it shows me the what app I'm going to search for as well as what that app looks like in the app store and then once I've confirmed that I've downloaded that app I get a QR code to scan and a check marks appear a check mark appears to give me an interactive confirmation once that account has been scanned and added now what's happening under the hood here when I scan that QR code the public key for this specific duo integration is going to be used to generate a unique private key certificate on my device that's stored in the hardware security module and nowhere else meaning I now have a device specific authentication method which in recent research between Berkley and Google has been found to stop over 99 point I want to say an five but I think it may be I'm higher than that of automated account takeover attempts now that I've gone through it shows my enrolled device and this screen there's my sentence settings and devices screen you'll see at the end of enrollment and also if you choose to an A access to a self-service portal for you users to make changes later on I can go and I can nickname this device or reactivate do a mobile if I have the same phone number if I get a new device itself I can choose a default and I can also go and add another backup device as long as it matches your security policy this is actually something that I would recommend because it gives you a strong alternative if a user leaves their primary authentication device at home let's take two scenarios if I have a Yubikey enrolled as a backup off device and if I don't if I have my phone enrolled and I don't have a backup device now I'm either going to lose productivity by driving home to get my phone or I'm gonna lose productivity by generating a helpdesk ticket to regain access to my account and in many cases that access is going to be granted based on a helpdesk call or email which means that we've now moved from the level of a strong authentication back to the level of a social engineering attack for the risk at that authentication whereas if I have a backup device I can then actually go through and just do that just do that login directly using my secondary device with no downtime whatsoever so now that I've gone through let's go back through and see what it looks like on a day to day basis I've already enrolled my device it asks me how I want to authenticate I get that notification on my phone and I prove it and now I'm logged in so that process is really rapid for users let's take a step back and see what that looks like from the mobile device side so here we've got Chris now I got to zoom back out here we've got Chris going to log in to Outlook it's coming to this authentication page now chris has a mobile phone as well as a UV key enroll we're going to send a push notification of that device and now when he opens that device he's going to get that contextual information the company icon the system that's being logged into his user ID used for login the time of that request and geolocation and then the the IP address of origin so they can go here and they can deny this if they didn't mean to start a login maybe they are using a password manager that auto-filled their credentials but they don't actually need to access the service they can mark that it was a mistake and that'll be noted in the logs but it's not gonna flag an alert or if they receive a request that they don't recognize they can mark that as fraudulent and that's gonna go to your duo administrators giving them an immediate alert hey Chris just reported potential fraud targeting his account on 365 from this IP address right now so it's giving immediate visibility to your admin so that they can go through and work to remediate that in the process now I want to flip over and make the most of our time here but very very quickly I want to show one more scenario let's talk self remediation so we're about to flip over into the admin panel and take a look at what is encompassed in device insight going beyond just validating a user and allowing us to take a look at the health of devices that are being used to access our protected data in that scenario if the user has a device that is out of date we want to provide that feedback back to them and if possible give them a way to remediated mmediately again avoiding that downtime and getting this fastest speed to security possible so here you see that I'm going to log in again and it shows me a little orange banner that says my browser is out of date orange banner means that I'm receiving just a warning it is allowing me to go through and complete that authentication attempt but before it actually goes through and logs me directly into that system it is going again to let me know that my browser is out of date the policy is that we use the most recent version and then there's a link here directly to Mozilla site that's going to tell me about how I go through doing an update the converse of this would be if a device is so far out of date that it poses a risk you can actually block that access so now you're letting the user know hey I'm sorry your device is so far out of date we're not going to be allowed to we're not going to be able to allow you access until you go and update that device so let's flip over to the admin panel so now we're moving from what a user sees - what an admin sees here's your dashboard that you'll see each time that you go to log into your admin panel obviously when logging in you're gonna be logging in with a strong second factor that you'll enroll when creating your account the idea on this dashboard is that we want to give you a top down view an overview of the most important or changed data in your deployment so that you can quickly identify any anomalies so here you see a visual representation it looks like on our demo account here we were doing a lot of failed authentication testing because you can see there are green hashes for any successful auth s-- and red mark for any failed offs and this gives you a 48-hour overview you can take a look and delve into anywhere that there's an unusual spike in authentication or anomalous amount of failed or abandoned authentication attempts you also get a heads up on your user status how many users are locked out set to a bypass mode where they won't be challenged for two-factor or are enabled as well as the total number of users how many endpoints are in your environment how many of those are out of date total numbers of administrators devices and users enrolled and a snapshot of your most recent authentications with all of that data that we were talking about that it we're going to collect when a user's going to login that they see in that push authentication request the time there is the user the application the IP origin etc now in addition you'll note that we're getting some device insight here we're seeing the version of OS X that's installed as well as the version of Chrome that they were using and that this is not a trusted endpoint it is not identified as a corporate managed device this information is coming from our user insight or a device in sight rather functionality and this is a agentless approach to gathering some basic security hygiene information each time that a user goes to authenticate we're leveraging tools that are already available so that we don't have any additional overhead or infrastructure required to gather this data and we can make sure that it is being collected each and every time that a user goes to log into a protected application that information is basic hygiene about the device right we want to if we're looking at mobile devices we want to know what the OS inversion is we want to see if that's an up-to-date patched version or if it's an older version that may be vulnerable to exploits that have since been updated these are the exploits that attackers are likely to use at scale we want to know if that device has been tampered with it's been rooted or jailbroken you may have a subset of your user base that is able to have a tampered or jailbroken device but if you have a research team then needs to you know conduct testing with those devices you at least want to know about it and odds are for your average user this isn't something that you want to enable for access to protect the data so you have that visibility here you also get information on whether that device has a screen lock and specifically whether that screen lock is protected with a biometric factor as well as whether disk encryption is enabled we don't show that breakdown on iOS because disk encryption has been enabled by defaults ever since iOS 9 but since that is not standard across the board on Android we do give you a break down here on tops and desktops we're looking at much the same information OS and version browser and version if you want to restrict the browsers that users can access protected resources with you can do so as well and if we scroll down we see our sort of problem children perennial problem children plugins flash and Java we know that these frequently have severe CDE patches updates that are available and so we at least you know if we want to still allow devices with these plugins and able to to log in at the very least we want to make sure that before we do so we're keeping them up-to-date so that's talking about visibility now let's talk about control well first before we can build policies to control access to an application we're going to need to create that application itself so here I'm going to go in and I'm gonna make a new integration for an a SA now you can see here that our first couple of steps are actually getting called out for us in this little gray blue banner at the top of the page I'm actually gonna skip all the way at the bottom here I'm gonna give this integration first a unique name I cannot type today great so we've got a unique name here we can set some other integration level options whether we want to allow users to add or remove devices later on after completing a strong authentication the self-service portal obviously is not accessible until you complete authentication with a strong second factor again that's a part of the reason why there's value in having a backup option enrolled you can choose whether user names will be normalized across domains so if you have multiple ad domains you can choose whether a given user ID will be treated as distinct or universal across those domains you can customize the voice greeting that users will receive with a phone call back add notes for other admins restrict access to specific groups or administrative units and as well as the policy options that you'll see later you can set a specific allow lists for set host I'm gonna save those changes and now I'm gonna go through and click on these links so for every one of our integrations this is going to be the first place that you'll go you'll get that banner when you create a new integration it's gonna link you to our documentation page in that page you're gonna get an overview in most cases you will get a step-by-step narrated walkthrough video as well as a step-by-step annotated and screenshot walkthrough with sample data so that you can see what the input types will be throughout at a high level the integration process for most duo integrations is going to look really similar and is going to come down to these keys that you see here under the detail section for each integration you're going to see these three keys your eye key or integration key your a key or API hostname and your s key or secret key which here you can see has been obscured the exact method for how we will integrate for a given integration is going to change based on the easiest hooks available for that system in the case of a s a hardware supports a custom secondary sign-in page so we give you that sign-in page as a download and then you go through and in the in the configuration for those server groups where you'll add that secondary sign-in page you're going to add these integration keys you'll also see a flow of what a successful login should look like for that integration a network diagram showing the full flow from the user initiating authentication to finally reset reaching that resource after primary and secondary authentication and then for system that have multiple configuration options like for a SA which you can configure through a command line as well will include alternate or secondary configuration options if you'd like to get an overview of all of the natively supported systems as well as our general-purpose integrations documentation page is a great place to go for that you can get high level information about duo and its functionality and if you scroll down a little bit you can see both our most common enterprise hardware and serve that we see Microsoft services web-based services IDP providers a whole bunch of cloud services duo can be integrated with any sam'l compatible service but we do have a step-by-step walkthroughs for the most common integration so you can see exactly what it'll look like then if you keep scrolling down you'll see there's some other applications that are supported as well as more general-purpose integrations the idea being basically if you have an interactive login duo wants to be able to help you protect that with a strong second factor you've got a SSH login both through the command line and actually bringing up a interactive web prompt for the user your API information so you can plug this into your homegrown applications as well as some general purpose tools and guides for your users so after we go through and do the actual integration which in many cases will take 20 minutes or less we then want to go and start building what our controls are gonna be that starts with the global policy now there are existing integrations in this demo account so it's giving it's already pre filling what this global policy is new user policy this is how new users that have not previously been enrolled in duo are going to be treated you've got a couple of options here you can deny allow or require enrollment require enrollments is the process that you saw during my live demo as a new user going to login for the first time after duo has been enabled it prompts me to enroll a device but trusts me on first use that's that tofu philosophy it allows me access on that first login using just my primary cadential so that I can enroll that device every time thereafter I will have to use that device to login the other options here would be allow or deny allow is a great tool if you have to test in production this means that unless you have invited or directly enroll the user they are going to be allowed access with just their username and password so in this scenario you could have a pilot group of a hundred users you have those users added to a group that is you get added do well those users and roll their devices each time they go to login they're going to be prompted with duo based on the policies that you set and you can gather their feedback meanwhile all other users that you have not added to duo are invited to enroll they log in the same way they do today they go to the same page they enter the same credentials their experience does not change it's still taking them through the duo authentication process but because of this new years or policy that says only to prompt users that have been added or enrolled in duo they are not going to have their experience change this allows you to test even if you don't have a dedicated sandbox environment the flipside of this would be to deny access and unfortunately where we usually see this in place is when someone is adding duo as a remediate of step after they believe that they've experienced an incident in many cases part of this remediation is trying to restrict access until a user's identity and credentials can be verified by the security team and in that scenario you could say even if a user has valid primary credentials if I have not enrolled or added them to duo do not allow them access even if they have that valid a username and password you can also have group access policies defined either groups that are created within duo or groups that you are importing from Active Directory you can do user location based policy either to allow to deny or to always require multi-factor you can also have a catch-all category so you can have no action taken on users coming from Canada and United States which means that it will follow whatever other policy restrictions are in place and for any other countries is going to deny access trusted end points are going to be corporate managed devices that have been issued with a duo identifier or a little duo certificate so that you can have additional policy restrictions that say only corporate managed devices maybe these duo identified endpoints also have a local agent based endpoint management tool or mobile device management who will installed on it you can set that in your pal see for web-based authentications you can choose whether users should be remembered and whether that memory should be for each application that they log into or for all protected web applications this can be set based on hours or days for both mobile and desktops you can choose operating system restrictions and the nice thing here is that there are dynamic versions updated by duo so that you don't constantly have to go in and update these you can use these dynamic settings of less than the latest up-to-date version or end-of-life version and you'll also get a little context clue here on the right side that'll show you what those versions are currently recognized as if you do have some legacy situations where you can't update past a certain version no worries we're going to talk about how you can have some custom policies and then you can choose specific OS versions you can also choose whether you want to just warn your users or actually block them and how long of a grace period they have to do that update along with these version and update prompts you can allow or block entire os's os categories as well as browsers to allow or deny access to you specific data or specific resources from browsers that you have is preferred or want to exclude as well as prompting or blocking users for an out-of-date browser you can as mentioned make sure the plugins are up-to-date or block them along with host names you can have specific allow or deny lists for IP addresses and ranges you can deny authentication from risking networks those could be known anonymous or malicious proxies tor endpoints are unrecognized VPNs you can limit the authentication methods that are available to your users so for example if you want to force out-of-band authentication you can do that by disabling Pascoe's or telephony options you can require that users have an up to date version of duo mobile whether or not they can have a tampered or jailbroken device whether they must have a screen lock and whether a device must have full disk encryption and whether that screen lock must have a biometric option available that gives you a good baseline so you've got your global policy this is gonna be applied by default any time you create a new integration this policy is going to come into play but not every tool is the same so let's say that we have a specific a si policy for any of our a si gateways so that we can say any user coming to login must follow additional policy requirements I scroll back down here to my global policy I can see that some of these standards have now been overridden by changes based on the application policy this allows us to get more granular now getting further granular within a specific tool not every user is going to interact with that tool the same way and so we can actually go as far as applying policies based on groups and these again can be groups that we have created locally within duo or more likely that we are managing from our primary identity service or directory service like Active Directory azure ad etc so creating an applicator is creating an integration and setting that up within duo creating policies to govern that application we're all set except now nobody can use it we actually need to get users enrolled there's a few different ways that you can enroll users it starts with the most straightforward if not the most convenient to add users manually so I'm going to add Zoey Lyn 42 because I've got all the answers here and now I can go through and I can manually set every field that a user would otherwise be able to setup during enrollment or that you could import I can set alternate user IDs if maybe my Zoey Lynn 42 is my user ID for Sun Services and Zoey Lynn 42 at domain.com is my long and elsewhere since this is the same actual user we can add this as an alias we can add the user real name email their status for two-factor any groups that they're a member of all of this can be done annually if you have two or more users I would not recommend to this enrollment process this is really just for sort of initial proof of concept testing or if you have a home lab that's just you if you've got a group of users you're gonna use one of the bulk enrollment options you can either paste a CSV of user IDs and emails and you can customize the enrollment email that they'll receive which they'll then click on that link and it will take them through enrolling their device just like the self enrollment that you saw or you can import an existing CSV that you've exported from another directory or a reference point but by far the most common way is going to be a directory sync odds are you're already using LDAP Active Directory Azure ad some tool to manage user identities and groups work groups within your environment there's no reason that you should have to duplicate all of that work and management just to have that control in duo so we have a simple way that you can add a lightweight software proxy inside your perimeter that is going to send only the information necessary for that secondary off request it is not going to transmit the primary credentials that are still validated by Active Directory or by whatever your domain resource is but after primary authentication it will then send that information to duo to complete the second step as well as allow you to import and manage your users and groups in duo based on those that you've already created within your home directory alright now let's see here if I go back to our agenda we talked through authentication methods we looked at the end user experience we looked at what is Kate encompassed and device insight creating and configuring an application including policies and controls and enrolling users I know I waited a pretty quick clip there usually we do this presentation about 45 minutes so I appreciate you bearing with me and I'd love to open it up to any Q&A that we've gotten absolutely yeah great job Zoey I know it was a fast-paced demo but you went really through it very well very well I learned a lot I learned how thorough the documentation and the CLI examples and the videos are on the duo website I was impressed by that the massive list of supported integrations I mean it just went on and on you kept scrolling through applications and clouds and network infrastructure that was cool to see how easy it is to test in production you talked about that and how easy it is to get started so um let's see first comment came in here they said nice presentation Thank You Pamela another question or comment came in here and they're asking does duo interact with local installs of Outlook as in will outlook like when someone logs into outlook does duo have anything to do with the authentication of that or how does that work right so presently we do not protect authentication for locally installed thick clients with exceptions there are primarily remote access solutions like VPNs that our client based that we allow authentication protection for what you can do is that duo supports workstation login and so you can implement authentication with a second factor on both Macs and Windows machines and on Windows you can actually still enable that even if that device is completely offline by using cash offline logon okay that's very nice I didn't know that was supported so that's cool to see another question here what about users who don't want to enroll personal personal devices oh yeah good question and this is something that we run into as a concern a lot of times we're talking to folks and helping them through their trial in their pilot process what we have found through a whole lot of deployments is that oftentimes we will overestimate the scale of this problem and we can address a lot of the scale of this problem through communication and education so one of the resources that I would really encourage anyone who is checking out Duo to take a look at is going to be our guide documentation so this is a end user facing guide to 2-factor pretty comprehensive going from what two-factor is do exactly what duo is going to look like for interaction across all of these different platforms and tools and letting them know exactly what information is being collected on their device usually when users don't want to install something under their device they're concerned about either or both giving up control or giving up privacy and we can respond to those concerns because what duo is gathering it doesn't require an agent we are gathering no additional information beyond the default developer permissions that are available to any applications stored on their phone other than requesting camera access to scan those QR codes but it doesn't request photos access to so you have a visibility on them so installing to a mobile isn't going to allow users to have all their pictures deleted allow their boss to see every text that they send to their mom really all that it's doing is letting us know whether that device is secure enough is healthy enough for us to allow it access to protected data oftentimes when users understand that which you can do in the pre enrollment stage when you're communicating to them and educating them about what to expect that addresses the issue for the majority of your users odds are you know if especially if you've got a resistant user population you're probably still gonna have some users that may not want to do that that's fine that's why we have a variety of factors of available maybe their pardon me maybe they have a desk phone you can have them use that to authenticate maybe you can get them a dedicated device that's less expensive than purchasing and maintaining a phone plan like a Yubikey or a u2f token and if you're issuing them a a laptop increasingly as we expand our weboth and support you may be able to have them do that strong device based authentication right from that device using something like that such ID so I would say first lead with communicating and an education that's going to help address a lot of the problem and then for those were recalcitrant few you can use another one of the options to get them enrolled okay very nice I like that you have user education available I think that's very smart because I'm sure you're right that's the users just want to make sure that their personal data isn't you know somehow being accessed and there's also other options available so that's cool another question here what if you don't allow BYOD oh yeah good question so this is this is a tricky question for me because I feel like the questions you do you have a BYO environment is for almost every organization yes whether we like it or not right because we need to account for the gaps in our security strategy and the potential for shadow IT if I am a leader and the process for getting a corporate managed device or using the services that require using that managed device are too arduous if I can scale the difficulty level of a credit card going to a SAS service where I can just set up a service on the credit card and or login directly to a corporate managed cloud service by going straight to their login page rather than the internal organizations page for login you know if I can if I can do those things users even good users are going to try and take the path of least resistance you can get in front of that though if you recognize that users are going to use their devices wherever they can get away with it you can account for that and build a strategy around it and you can think about what are the places where I can give users that freedom to have access as long as their devices are healthy and up-to-date and meet our security policy and then where do I say you know this is a more sensitive resource we really do need to add these additional controls here if your users can see that you are building that balance of security and convenience for them and making it easy for them where you are able there going to be a whole lot more receptive to those places where you may need to step it up and the more consistent you can keep that experience across all of those integrations the better acceptance and adoption your users will have excellent excellent um let's see I know we're running out of time here before we go looks like last question how do you get started what was the URL can you bring that up again Zoe yeah so we've got let's swap back here we do have a 30-day trial that gives you access to try out every edition of our service oh that's one thing that I didn't mention I'll flip over to what the additions and pricing are in just a moment but we do have a sign-up page where you can go you can actually set up a trial account with full access to the service for 30 days we do have a Community Edition that you continue to use after that but here if you go to do o com pricing we have a pretty transparent structure we have a few different editions duo free being a community Edition that was mentioned mfa providing the base multi-factor experience access providing the detailed device insight and policy control settings and then beyond really going for those organizations that are looking to fully mature their zero trust strategy it allows secure external access to internal applications with out requiring the additional layer of the VPN as well as giving you the ability to have managed and unmanaged devices as I had mentioned there is an additional element to build your policy around so yeah you can get that started by going to sign up duo comm and I would invite anyone who has further questions feel free to reach out you can find me on twitter i'm at duo zoe d uo 0 e or i've got one of the easiest email addresses in the world if you're ready it's z o e @ d u o comm i love that that's super easy whether it's on Twitter or email I also love the community edition I need to give that a try for myself I love the transparent pricing and quick fast setup Zoe I think that's all we have time for but it's been great having you on the event today wonderful thanks so much you have a great day everybody Thank You Zoe and thank you do for supporting today's live demo of duo security and thank you everyone out there in the audience for joining us today on the event of course for more information visit sign up duo com have a great day

Info

Channel: ActualTech Media -

Views: 23,516

Rating: undefined out of 5

Keywords: Infosec, ITsecurity, security, Duo, DuoSecurity

Id: JH7-qO2HFt0

Channel Id: undefined

Length: 42min 9sec (2529 seconds)

Published: Tue Oct 08 2019