Duo admins: What application to protect first?

Duo administrators have to start somewhere with their deployment, and which application you protect with two-factor authentication (2FA) first is one of the early decisions you must make.

What application did you protect first?

  • Office 365
  • Windows Logon and RDP
  • SSH and local logins to Unix (Linux, CentOS, etc.)
  • Other: Tell us in the comments!

0 voters

If you’re new to Duo, there are some considerations to keep in mind when making this decision:

  • What is the most widely used? - By targeting an application the majority of your org uses, you will be able to enroll and familiarize most users with the 2FA experience early on.
  • What is highly sensitive? - You may want to prioritize the security of your systems and applications that either contain or have direct access to sensitive data.
  • What is the end-user experience and how willing are your users to adopt 2FA? - When you select applications that present the Duo Prompt for enrollment and self-service, or you first enroll user groups that will be quick to adopt 2FA, you can help to ensure a smoother deployment by reducing resistance.

You’ll find more great tips and best practices in the free courses at Duo Level Up. I recommend Protecting Applications with Duo and Designing Your Duo Launch if you’re interested in this topic specifically.