How to enable DUO 2FA phishing
Enabling the DUO integration will allow CultureAI to monitor and assess how securely employees are using multi-factor authentication, by running duo push notification phishing simulations.
To enable DUO phishing, you will need to create an application with DUO for CultureAI. This will allow us to access your DUO users, and send them out notifications.
- Owner, Administrator, or Application Manager user level in DUO
- Platform Admin access in CultureAI
- Push Notifications enabled on DUO
Good to know
- If you don't have DUO push notifications enabled in your DUO application, our phishing simulations won't come through to your users. Please ensure you have this enabled.
- The emails your users have in CultureAI, will need to match the username in DUO. If this doesn't match, we won't be able to send out our phishing simulations.
- Login to your DUO account
- Follow the steps on DUO's guide here to create a new application (DUO calls this 'Protecting')
- When you choose what application type you'd like to create, select the 'Auth API' option
- When you get to the 'Username normalization' section, choose the 'None' option
- Follow the steps in the guide till you reach the page that gives your App key, API URL/hostname and Secret key
- Copy these keys and save these keys
- Now head back to your CultureAI Admin dashboard
- Click on the cog symbol along the top bar of your dashboard
- Click into the 'Attack Simulations" section through and locate the 'Duo 2FA Phishing' integration
- Click on the 'Configure Duo' section and enter in the keys that you saved earlier
- Click "Save"
Now it's time to configure your DUO Phishing settings
- Click on the 'Assessment Frequency' tab
- Drag the two sliders around to choose the minimum and maximum amount of Phishes you'd like your users to receive over a 12-month period
We recommend setting this at around 15-30, however, you can set this higher or lower
- Click 'Save'
- Next click on the 'Assessment Configuration' tab
- Here you choose how many points you'd like your users to awarded for reporting a DUO phishing login attempt. They will be deducted the same amount for approving a phishing attempt.
This will impact your users leaderboard score, if you're using it.
- Once you're happy, click 'Save'
Lastly, you can configure what users should be included in DUO phishing
- Click on the 'Included Users' section
- Press the drop-down to see your options, you can include all users, or choose certain groups to include
- If you want to only phish certain user groups, click the 'Include and/ or exclude users' option
- A new section will have appeared where you can choose which User Group you'd like to include or exclude
- Click on the red and green buttons to move users to the 'Disabled User Group', or the 'Enabled User Groups' boxes
Any users in the 'Disabled' box, will not receive any DUO Phishing notifications, any in the 'Enabled' box will be sent DUO Phishing notifications
- Once you're happy with your groups, click 'Save'
- Now you can enable DUO!
- Click the 'Enable' button at the top of the page
- You're done! The button should now be green, and your users will start to receive DUO phishing notifications