Lessons Learned from Mining Billions of Authentication and Access Events
Time 05/18/16 01:15PM-02:30PM
At Duo, we see billions of authentication and access events each year from tens of thousands of customers across huge user and device populations. In this session, we present the major trends and patterns at Internet-scale that we see as an access security provider with unique visibility into the users, devices, networks, and services that make up enterprise remote access. This session includes a special emphasis on trends in the education sector and how this sector compares to the broader Duo user population in terms of access device security and use of strong authentication.
Mike Hanley, Director of Duo Labs at Duo Security and former Senior Member of the Technical Staff at CERT/CC, will present “Lessons Learned from Mining Billions of Authentication and Access Events”. Attendees will leave this talk with actionable information, derived from a one of a kind dataset, about the changing security landscape with specific insights into strong authentication, platform management, and policy-based access control mechanisms. The dataset we processes represents billions of events tied into over 70 other cloud and endpoint services to provide strong authentication, device insight, and platform security controls to some of the world’s most valuable brands. In this talk, Mike will present key findings from mining this dataset of total events Duo services process to provide unique insights to the broader security and information technology communities. Topics will include major trends as well as interesting and surprising findings in the following areas:
- Trends in BYOD and their impact on the demise of hard-token 2FA
- Patterns of multifactor authentication usage and adoption across sectors with a focus on education
- Adoption rates of OS/browser platform updates at major patch intervals
- Analysis of sunset phone hardware used for access and authorization and the risks associated with dated handsets no longer supported with OS updates Services
- How we’ve approached data warehousing and analysis to support a diverse, rapidly growing dataset
We will close with the top 10 actions IT administrators can take from this talk and apply today based on our findings.
Speaker Michael Hanley Duo Security
Secondary tracks Cloud Based Research, Education and Service Missions