Case studies and EBR

Question 1

Versant Health, what city and what is the name of the CISO?

Answer 1

San Antonio, Texas, Derek Vorpahl

Question 2

Versant Health, what is their Zero Trust posture?

Answer 2

{Long term} Zero trust - trusted endpoints, granular policies, etc. Derek looking for specific actionable steps to take in the short-term to start building towards the zero trust model.

Question 3

Xavier University, what city and what is the name of the director of security?

Answer 3

Cincinnati, Ohio, Brian Rappach

Question 4

What was Xavier University big win with Duo and KnowBe4?

Answer 4

Combination of Duo rollout and KnowBe4 phishing education has led to a drop of 500 compromised O365 accounts last fiscal year to 1 this year.

Question 5

Children’s Hospital of Colorado, what city and what is the name of the CISO?

Answer 5

Aurora, Colorado, DJ McArthur

Question 6

Children’s Hospital of Colorado, what is their Zero Trust posture?

Answer 6

Deploy ISE starting with guest and wireless first; Improve the VPN end user experience; Block EOL devices; Continue to configure granular polices

Question 7

Henry Ford Health, what city and what is the name of their CISO?

Answer 7

Detroit, Michigan, Christy Wheaton

Question 8

MidMichigan Health, what city and what is the name of their director?

Answer 8

Midland, Michigan, John Kelley - Director, IT Infrastructure

Question 9

What technologies does MidMichigan Health want to integrate with Duo MFA?

Answer 9

Windows UAC, Box (Cloud SSO), Cisco ISE and VPN, CyberArk

Question 10

Cerner Corporation, what city and what is the name of their director of IAM?

Answer 10

Kansas City, Jim Slinkard - Sr. Director IAM & Security Architecture

Question 11

What was the impact of Cerner installing Duo on phishing and business email compromise?

Answer 11

** Disclaimer: Cerner has a no publicity clause in their contract so while these are awesome stories, they will not do a case study or other public facing forms of promotion **

Prior to Duo, Cerner had 202 credentials phished and 68 of those credentials used for unauthorized access to Cerner mailboxes. After Duo, the rate of credentials successfully phished increased to 422 incidents, but they only had 1 incident of unauthorized access to a mailbox

Question 12

What was the impact of Cerner switching to Duo on total cost of ownership (TCO)?

Answer 12

** Disclaimer: Cerner has a no publicity clause in their contract so while these are awesome stories, they will not do a case study or other public facing forms of promotion **

Went from 400 users and a handful of apps on RSA to 22,000 users and 40-50 apps with the same support staff. Justification for purchasing Duo was the minimal TCO.

Question 13

What are Cerner’s objectives?

Answer 13

Choosing a new IDP (Sailpoint, Savian, One Identity Hitachi) 
Rolling out Microsoft Intune
Full migration to AzureAD eventually
Adopting the NIST 800-63 standard 
Cisco ASA SAML config
2FA on all networking devices
Continue to protect internal apps

Question 14

BJC Healthcare, what city and who is their CISO?

Answer 14

Saint Louis, Missouri, Chris Niekamp

Question 15

What EMR is BJC Healthcare running?

Answer 15

Epic - Duo replaced RSA in protecting Epic.

Question 16

What are BJC Healthcare’s objectives?

Answer 16

Protecting MyTime, Saba, ServiceNow

Question 17

American Public Media (APM), what is the name of their IT director featured in the case study?

Answer 17

Brad Rosenberger, Director of IT Infrastructure at American Public Media

Question 18

What added benefit did American Public Media (APM) receive in addition to two factor authentication?

Answer 18

Device insights. With many organizations pushing toward a Bring Your Own Device (BYOD), APM wanted to proactively get the visibility into what employee-owned devices are trying to access their networks.

Question 19

Ars Technica, what is the name of their director of technology featured in the case study?

Answer 19

Jason Marlin, Director of Technology

Question 20

What was the primary benefit Ars Technica realized in implementing Duo?

Answer 20

Security without slowing down busy writers. Jason Marlin: “You hear horror stories about the new security model and the difficulty in revving up security in your organization, but Duo is so easy”

Question 21

Boise Cascade, what city are they located in and what is the name of their CISO?

Answer 21

Boise, ID, and John Stifler - CISO

Question 22

What does Boise Cascade do?

Answer 22

Boise Cascade is a North American manufacturer of wood products and wholesale distributor of building materials, headquartered in Boise, Idaho.

Question 23

What does Boise Cascade need help with for multi-factor authentication?

Answer 23

Onboarding new employees. Duo is not completely baked into their new hire process and they need some assistance working with HR to help make this happen.

Question 24

Boise Cascade is using Duo Access. Which Access feature do they need advice on?

Answer 24

Phishing. Boise Cascade is using our phishing tool and would like some recommendations on phishing best practices.

Question 25

Citizen Union Bank, what is the tag line for the case study?

Answer 25

How the Financial Institution Quickly Implemented Their Secure Remote Access Program

Question 26

What were the use cases for Citizen Union Bank?

Answer 26

AD Sync, Citrix, and Checkpoint. In addition, the solution they chose needed to satisfy regulations, be easy to
use, and quick to deploy.

Question 27

Who was the Vice President Network Operations in the Citizen Union Bank case study?

Answer 27

Mickey Twyford, Assistant Vice President Network Operations

Question 28

Betsson Group, what is the tag line for the case study?

Answer 28

How the Online Entertainment Leader Deployed Duo to

1,500 Users in a Single Day

Question 29

Who was the Information Security Manager in the Betsson Group case study?

Answer 29

Adrian Romano, Information Security Manager

Question 30

What were the use cases for Betsson Group?

Answer 30

Moving off the McAfee one-time password (OTP) method of 2FA; Supporting the transition from Juniper to Checkpoint remote access;

Question 31

Calgary Board of Education, where are they located and who is our primary point of contact?

Answer 31

Calgary, Alberta, and Ryan Opperman - Senior Solutions Architect

Question 32

Union teachers pushed back at Calgary Board of Education’s use of Duo. Why? And what was the solution?

Answer 32

Union employees did not want to use their personal phones. We were able to find middle ground with many folks by offering SMS or Phone Call Back as an auth method.

Question 33

What is the next step for Calgary Board of Education’s deployment of Duo?

Answer 33

Phase 2 applications include Desire2Learn (D2L) and Powerschool (student records system)

Question 34

Where is Peloton located and who is their director of technology?

Answer 34

New York, Dave Brown

Question 35

Why are Peloton users relying on phone call authentication?

Answer 35

There is resistance to installing Duo Mobile on personal devices. There are also users who strongly prefer to keep PIN / FaceID disabled.

Question 36

Where is the Bank for International Settlements (BIS) located and who heads up their security team?

Answer 36

Basel, Switzerland, and Brian Ritchot

Question 37

What applications is Bank for International Settlements (BIS) looking to protect with Duo?

Answer 37

PeopleSoft HR, Openlink Findur

Question 38

What IAM products does Bank for International Settlements (BIS) use?

Answer 38

SailPoint, Airlock IAM, CyberARK

Question 39

Where is Cimpress and who is their CTO?

Answer 39

Boston, Maarten Wensveen (CTO)

Question 40

Where is Mayo Clinic and who is their director of enterprise systems?

Answer 40

Rochester, MN, and Ely Pelowski - Director of Enterprise Systems

Question 41

What is Mayo Clinic’s compliance objectives?

Answer 41

Protect EPCS for DEA compliance
Phase 1: Florida and Arizona (complete! - to be validated)
Phase 2: Minnesota and Wisconsin (in progress)
Phase 3+: Iowa? (to be confirmed)

Question 42

What other MFA providers does Mayo Clinic have installed?

Answer 42

RSA in place today - VPN & server access
Secure auth - smart cards for work stations
O365 with Microsoft MFA - rolling out in a couple of months
Imprivata used with Epic

Question 43

What siem does Mayo Clinic want to integrate with Duo?

Answer 43

LogRhythm - they are interested in doing more with our Admin API. We want to work directly with the security operations center to help develop a list of recommended alert

Question 44

Where is Polaris Industries and who is their compliance manager?

Answer 44

Minneapolis, MN, and Adam Knutson - Information Security and Compliance Manager

Question 45

What HR systems are on Polaris Industries roadmap?

Answer 45

They are planning to roll out Workday and Office365, which would cover a larger subset of users that aren’t currently in Duo.

Question 46

What siem has Polaris Industries integrated with Duo?

Answer 46

They utilize Splunk to ingest the device insight data, but don’t currently take any action off the dashboards they have built.