Guest blog courtesy of Cisco Duo and authored by Janet Ho. This blog originally appeared here.Identity attacks are at the heart of most security breaches, year after year. Despite their role as a primary entry point, confidence in stopping those attacks remains low. Only 33% of leaders trust their identity provider to prevent identity-based threats, even as budgets rise and urgency spikes. With 82% increasing identity security spend and 85% shifting to security-first identity strategies to counter AI-driven attacks, the gap is no longer awareness, it is execution. Identity itself is evolving. Modern identity is not just humans, it also includes machine identities such as service accounts, APIs, cloud workloads etc., increasing complexity.So what does this mean in practice? As identity expands beyond users, are your customers ready? And as a managed service provider (MSP), are you ready to support them?Cisco Duo makes it a win-win by delivering identity security that’s simple for users and manageable for MSPs, so it’s easier to adopt, easier to support, and easier to scale. Don’t compromise strong security for user experience. Instead, skip the complicated logins and constant prompts, and make identity security easy. This means fewer support tickets, less operational overhead, and a service that’s actually scalable for you as a service provider. As one customer put it:
I really wanted to lay down a good MFA groundwork and strong identity [posture]. ... From an MFA standpoint, Duo was the clear leader. They had the best UI/UX and [because] SSO was included, it just always made sense to start there. … Duo is a really nice turnkey way to establish both user and device context control and posture at [the same time].
Technology Services, CISO
Every customer is different
Depending on the industry, your customers may face different challenges and regulations. Let's look into this.Finance – With some of the highest breach costs in any industry and highly sensitive data at stake, protecting customer data is critical. Phishing-resistant MFA helps protect sensitive customer data while detailed logs and reports make it easier to support compliance reports aligned to standards NIST, FFIEC, NYDFS, PCI‑DSS, and FTC Safeguards.
Duo named a Buyer’s Choice Award winner in the TrustRadius Authentication category for 2025 based on peer reviews written by practitioners, consultants, decision-makers and others who have experience using Duo.
Healthcare – In healthcare, every access decision affects real people, patients, families and staff. The goal is simple: deliver the best care possible, safely. At the same time, access has to meet HIPAA requirements without getting in the way of care delivery. Duo helps MSPs strike that balance by securing ePHI and clinical systems with strong authentication and device trust while SSO and paswordless options ensure clinical workflow isn’t slowed down.
KLAS Research, a leading research firm in the healthcare industry, announced that Duo has been ranked #1 in the category of Access Management two years in a row! Based on extensive feedback and evaluations from healthcare professionals across the nation, Duo's Multi-Factor Authentication (MFA) product was measured against the competition in key criteria including culture, loyalty, product, relationships, operations, and value. By providing secure access for every user, every device, and every application, Duo was declared the clear choice.
KLAS Research
Retail – Retail moves fast and secure access needs to keep up, especially in environments that handle sensitive credit card data. Duo helps MSPs secure POS, cloud, and legacy retail systems with phishing-resistant access and device trust. Centralized visibility and access logs support PCI DSS 4.0 requirements, while passwordless login and self-service enrollment make it easier to onboard seasonal staff and reduce support tickets.
Education – With security staff and budgets stretched thin, schools have become popular targets for attacks. From shared Chromebooks to cloud-based learning platforms, access needs to be secure without adding friction for students and educators. At the same time, schools are responsible for protecting student data under regulations like FERPA, controlling who can access records, enforcing permissions, and maintaining clear audit trails. Duo helps MSPs meet those requirements by enforcing strong authentication, SSO, and device trust across K–12 and higher education.
Duo is a key component of that strategy as it confirms any user is who they say they are. The ease of use for end users combined with the simple technical integration in the background makes it a big win for us. It’s a credit to Duo that our users just got it. That’s not a simple requirement when it comes to security tools Read the full case study
University of Queensland
Legal – Protecting client confidentiality is non-negotiable. Duo helps MSPs safeguard attorney-client confidentiality by enforcing trusted access that verifies user identity and device health before allowing access to email, applications, and client data. By blocking unauthorized users and unhealthy devices, Duo supports compliance with the ABA Model Rules of Professional Conduct, including Rule 1.6(a) and 1.6(c), while providing secure MFA, SSO, and comprehensive protection across cloud, VPN, remote, and on‑premises systems to prevent data disclosure without disrupting legal workflows.
“Duo provides insights into user device compliance such as biometric authentication requirements, simplifying George Sink’s compliance management. Duo’s flexible approach allows George Sink to customize the user experience and MFA interaction based on specific contexts and types of users." Read the full case study
George Sink Law Firm
SaaS/technology providers – Constant changes is the norm for SaaS. Teams change, tools change, and new environments and third parties are introduced all the time, so access controls need to adapt just as quickly. Duo helps MSPs enforce trusted, phishing-resistant access by verifying user identity and device security posture before granting access to cloud applications, VPNs, and developer environments. Continuous monitoring, risk-based policies, and location-aware controls help detect and block anomalous or risky access, while phishing-resistant passwordless authentication, SSO, and centralized reporting reduce credential exposure without adding operational complexity for teams.Ready to take your managed identity services to the next level? Discover even more in our eBook: The industry-focused IAM Playbook for MSPs.
IBM is adding two managed Red Hat services on IBM Cloud as enterprises look for more controlled ways to run AI inference and modernize virtualized workloads.
