Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1427
Views
0
Helpful
0
Replies

New blog: Navigating New PCI DSS 3.2 Guidelines for MFA With Duo

mkorovesisduo
Level 4
Level 4

‎04-03-2017 08:50 AM

When you’re trying to parlay a multi-factor authentication (MFA) product into a solution that complies with current requirements and stays ahead of future ones, it’s hard to tell which way the ship is sailing — especially when you run up against parts that are more what you’d call guidelines than actual rules. Payment Card Industry Data Security Standards (PCI DSS) 3.2 went into effect in October 2016, with requirement 8.3.1 (expanded use of MFA) coming into effect on February 1, 2018. In the meantime, the PCI Council has come out with an MFA Supplement that sets forth some guidelines that may possibly be incorporated into the standard at some point in the future.

Now, Duo helps meet these guidelines, with features such as:

  • Policies to prevent authentication login from specific locations, networks or IP addresses
  • Strong authentication with Security Element (SE) or U2F
  • An easy to use out-of-band authentication factor (Duo Push, based on asymmetric keys)

Learn more in this blog by Wendy Nather.

Labels:
0 Helpful
0 Replies 0
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents