2016 Internet2 Global Summit

Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Lessons Learned from Mining Billions of Authentication and Access Events

Time 05/18/16 01:15PM-02:30PM

Room Lincolnshire 1&2 (6th Floor)

Session Abstract

At Duo, we see billions of authentication and access events each year from tens of thousands of customers across huge user and device populations. In this session, we present the major trends and patterns at Internet-scale that we see as an access security provider with unique visibility into the users, devices, networks, and services that make up enterprise remote access. This session includes a special emphasis on trends in the education sector and how this sector compares to the broader Duo user population in terms of access device security and use of strong authentication.

Mike Hanley, Director of Duo Labs at Duo Security and former Senior Member of the Technical Staff at CERT/CC, will present “Lessons Learned from Mining Billions of Authentication and Access Events”. Attendees will leave this talk with actionable information, derived from a one­ of a ­kind dataset, about the changing security landscape with specific insights into strong authentication, platform management, and policy­-based access control mechanisms. The dataset we processes represents billions of events tied into over 70 other cloud and endpoint services to provide strong authentication, device insight, and platform security controls to some of the world’s most valuable brands. In this talk, Mike will present key findings from mining this dataset of total events Duo services process to provide unique insights to the broader security and information technology communities. Topics will include major trends as well as interesting and surprising findings in the following areas:

-User Authentication ­

- Trends in BYOD and their impact on the demise of hard­-token 2FA ­

- Patterns of multi­factor authentication usage and adoption across sectors with a focus on education

- Adoption rates of OS/browser platform updates at major patch intervals ­

- Analysis of sunset phone hardware used for access and authorization and the risks associated with dated handsets no longer supported with OS updates Services ­

- How we’ve approached data warehousing and analysis to support a diverse, rapidly­ growing dataset ­

We will close with the top 10 actions IT administrators can take from this talk and apply today based on our findings.


Speaker Michael Hanley Duo Security

Primary track Cyber Security and Trust and Identity in Education and Research

Secondary tracks Cloud Based Research, Education and Service Missions

platinum Sponsors

gold Sponsors

silver Sponsors

supporter Sponsors