Duo Integration

Cmd + Duo:
Two-Factor Authentication

Strengthen authentication by deploying 2FA quickly and reliably throughout your Production Linux environment

# Protecting Linux Production Environments with 2FA

2FA seems like a no-brainer security procedure, and many companies do indeed use it — but not inside a Linux production environment.

With virtual private networks (VPNs) and other security tools, some companies believe they’re already secure. Others are concerned about efficiency — reconciling and managing user identities in a Linux environment is challenging, and too many steps can slow down engineers.

But they’re not as secure as they need to be: all organizations today should assume that attackers are already able to get inside. Without additional authentication, if someone does get inside the system, there aren’t protections in place to protect sensitive, company-critical information. An attacker has almost unlimited ability to do harm. Game over.

# How Cmd Integrates with Duo

Cmd helps companies authenticate and manage user security in Linux production environments without slowing down teams — you don’t need to individually configure identities and devices. Our modern, fast platform integrates with Duo and other tools to ensure that companies have an extra layer of protection before users can access the shell and any sensitive data or company operations.

Cmd integrates with Duo to put 2FA checkpoints into Linux-based data centers and cloud infrastructure. The combination of Cmd and Duo enables development teams to run at the modern, agile pace they are accustomed to without any security-induced slowdowns.

This integration ensures there’s no large-scale syncing of identities or complex processes required to authenticate access to vital resources like cloud infrastructure or codebases. Instead, Cmd seamlessly integrates with Duo’s processes to unobtrusively associate user IDs and then track all behavior.

 

The typical process looks like this:

  • The user logs into the system
  • Before the login succeeds, Cmd prompts the user to authenticate themselves
  • The user picks Duo for 2FA and enters their one-time password
  • Once authenticated, the user can access the system
  • Cmd records the session log in real-time, correlating the user’s login to their real identity

 

Additionally, Cmd and Duo let you:

  • Trigger 2FA validation at the moment of a privilege escalation through sudo
  • Restrict sensitive actions, such as dumping data from a customer database
  • Set adaptive 2FA controls that depend on time of day, location, and other behavioral factors

Companies using Cmd’s Duo integration can also take advantage of other features, such as alerting, reporting, and cloud compliance & auditing management.

Copy link
Powered by Social Snap