duo-security
Businessmodel of Duo Security
Customer Segments
Duo Security has a mass market business model, with no significant differentiation between customer segments. The company targets its offerings at firms of all industries and sizes.
Value Proposition
Duo Security offers four primary value propositions: convenience, risk reduction, performance, and brand/status.
The company reduces risk through high standards for security and stability. Its platform is built with security in mind. It uses asymmetric cryptography to verify clients’ customers’ devices against its server, making it difficult for attackers to compromise the devices. The platform also utilizes two-factor authentication, which enables users who have entered passwords to verify their identities using a second factor. This fends off man-in-the-middle (MITM) attacks in which a threatening party hijacks a login session and steals passwords. Beyond these features, Duo maintains multiple offsite backups of customer data in case of system downtime or failure. The strength of its security efforts is evidenced by its meeting of several respected compliance standards, including PCI DSS, ISO 27001, OWASP, and NIST 800. Furthermore, a group of independent auditors frequently audits and reviews its operations and infrastructure to confirm it is secure enough to support its customers.
The company offers convenience by making operations simpler for clients. Its solution makes it easy to set-up two-factor authentication. Because Duo supports various remote access tools, the feature can be deployed for almost any application within hours. Its solution also conducts automatic security and feature updates to its cloud-based platform every two weeks. Lastly, Duo ensures an uptime for the platform that exceeds 99.995% with a hard service-level guarantee.
The company demonstrates strong performance through tangible results. High-profile examples of positive outcomes for clients include the following:
- The University of Michigan’s Departmental Computing Organization (DCO) used Duo’s solution to protect its network, resulting in zero compromised accounts since it was deployed
- American Public Media used Duo’s solution to implement two-factor identification, resulting in deployment of the security feature across its 52 public radio stations within just two weeks
- Facebook used Duo’s solution to deploy two-factor identification, resulting in an increase in computers covered by the feature from 300 to over 10,000 employees The company has established a strong brand due to its success. It serves over 3,000 organizations and millions of individuals globally. Prominent corporate clients include Toyota, Random House, Twitter, Etsy, Paramount Pictures, Accenture, and NASA. Also, it has won a number of honors, including recognition as one of the Top 20 Cloud Security Vendors by CRN (2011), recognition as one of the Sibos Innotribe Challenge Top 10 by SWIFT (2011), and a SINET Innovator Award, sponsored by the United States Department of Homeland Security (2010).
Channels
Duo’s main channel is its direct sales team. The company promotes its offering through its website, social media pages, and participation in summits, symposiums, and conferences.
Customer Relationships
Duo’s customer relationship is primarily of a self-service, automated nature. Customers utilize the service through the main platform while having limited interaction with employees. The company’s website features a “Resources” section that includes eBooks, videos, and infographics. The site also provides answers to frequently asked questions.
Despite this orientation, there is a personal assistance component. The company provides general phone, e-mail, and live chat support. It also offers Duo Care, a premium support service that provides access to the following:
- A Customer Success Manager, who advises clients in areas such as administrator training, development of user enrollment plans and security policy, and delivering of customer launch kits. This person acts as the main point of contact, handling the majority of issues.
- A Customer Solutions Engineer, who provides consulting, best practices, and architectural strategies as clients roll out their first deployment. After implementation this person primarily acts as a technical expert who provides product updates and future planning. Beyond these two components, there is a community element in the form of a peer forum.
Key Activities
Duo’s business model entails maintaining a robust cloud-based platform for its clients.
Key Partners
Duo does not maintain any formal partnership programs. That said, it forms strategic alliances with other organizations from time to time in order to enhance offerings for its customers. High-profile examples of these include the following:
- The company is a member of the FIDO Alliance, whose mission is to reduce reliance on passwords in the process of user authentication. Duo’s FIDO Ready line of products supports the Fast IDentity Online FIDO Universal Second Factor (U2F) specifications.
- Duo partners with LastPass, a top password manager solution, by integrating its mobile-based two-factor authentication solution into the LastPass password management platform.
- Duo partners with Covisint, a cloud-based enterprise collaboration solution provider, to integrate its two-factor authentication solution into Covisint’s platform for multi-factor authentication. ### Key Resources
Duo’s main resource is its proprietary software platform, which serves over 3,000 organizations. It depends on its human resources such as engineers to maintain the platform, consultants to provide advisory services, and customer service staff members to provide support. It also relies on a team of top mobile, app, and network security experts to help develop its solutions. Lastly, as a relatively new startup it has relied heavily on funding from outside parties, raising $51.5 million from six investors as of April 2016.
Cost Structure
Duo has a cost-driven structure, aiming to minimize expenses through significant automation and low-price value propositions. Its biggest cost driver is likely cost of services, a variable expense. Other major drivers are in the areas of customer support/operations and sales/marketing, both fixed costs.
Revenue Streams
Duo has one revenue stream: revenues generated from the subscription fees it charges for monthly access to its software-as-a-service platform. Subscription plans are as follows:
- Business – Provides basic two-factor authentication for a client’s entire team and secure on-premises apps. Costs $1 per user per month.
- Enterprise – Provides advanced two-factor authentication with administration features, as well as secure on-premises and cloud apps. Cots $3 per user per month.
- Platform – Provides a full “Trusted Access” suite with everything from the Enterprise plan, as well as adaptive authentication and BYOD, Mobile, and Cloud Security. Costs $6 per user per month.