How to enable DUO 2FA phishing
Enabling the DUO integration allows CultureAI to monitor and assess how securely employees use multi-factor authentication, by running DUO Push notification phishing simulations.
To enable DUO phishing, you need to create an application in DUO for CultureAI. This gives CultureAI access to your DUO users and lets it send them push notifications.
Requirements
- Owner, Administrator, or Application Manager user level in DUO
- Platform Admin access in CultureAI
- Push Notifications enabled on DUO
Good to know
- If push notifications are not enabled in your DUO application, our phishing simulations will not reach your users. Please ensure push is enabled before you continue.
- The email address each user has in CultureAI must match their username in DUO. If the two do not match, we cannot send that user our phishing simulations.
Steps
- Login to your DUO account
- Follow the steps on DUO's guide here to create a new application (DUO calls this 'Protecting')
- When you choose what application type you'd like to create, select the 'Auth API' option
- When you reach the 'Username normalization' section, choose the 'None' option. This leaves DUO usernames unchanged, so a user's DUO username can be matched against the full email address held in CultureAI
- Follow the steps in the guide until you reach the page that shows the application's Integration key (App key), Secret key and API URL/hostname
- Copy and save these values. Treat the Secret key as a credential: together with the Integration key it grants access to your DUO application, so store it somewhere secure and do not send it over email or chat
- Now head back to your CultureAI Admin dashboard
- Click on the cog symbol along the top bar of your dashboard
- Click into the 'Attack Simulations' section and locate the 'Duo 2FA Phishing' integration
- Click on the 'Configure Duo' section and enter the keys you saved earlier
- Click "Save"
- Now configure your DUO Phishing settings: click on the 'Assessment Frequency' tab
- Drag the two sliders to choose the minimum and maximum number of phishes each user should receive over a 12-month period. We recommend around 15-30, but you can set this higher or lower
- Click 'Save'
- Next, click on the 'Assessment Configuration' tab
- Here you choose how many points users are awarded for reporting a DUO phishing login attempt. The same number of points is deducted for approving a phishing attempt. This affects the user leaderboard score, if you are using it
- Once you're happy, click 'Save'
- Lastly, configure which users are included in DUO phishing: click on the 'Included Users' section
- Press the drop-down to see your options: you can include all users, or choose certain groups to include
- If you want to phish only certain user groups, click the 'Include and/or exclude users' option
- A new section appears where you can choose which User Groups to include or exclude
- Click the red and green buttons to move groups into the 'Disabled User Group' or 'Enabled User Groups' boxes. Any groups in the 'Disabled' box will not receive DUO Phishing notifications; any in the 'Enabled' box will
- Once you're happy with your groups, click 'Save'
- Now you can enable DUO!
- Click the 'Enable' button at the top of the page
- You're done! The button should now be green, and your users will start to receive DUO phishing notifications
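Before you click 'Enable', it is worth confirming the three values you saved and the two 'Good to know' conditions (push enabled, usernames matching) directly against DUO's Auth API, rather than discovering a problem when the first simulation silently fails to arrive. The script below is an added example written for this page; it is not CultureAI's or DUO's own code. The Integration key, Secret key, API hostname, user lists and API responses in it are placeholders and constructed samples, not data from a real tenant. It signs requests the way the Auth API expects (HMAC-SHA1 over the Date header, method, lower-cased host, path and sorted parameters, sent as HTTP Basic with the Integration key as the user name), so `GET /auth/v2/check` verifies the keys and `POST /auth/v2/preauth` shows whether a user has a push-capable device. The username comparison is this example's own check, not something DUO performs.

```python
"""Added example (not CultureAI or DUO code): pre-flight checks for the DUO
Auth API application created above, using only the standard library."""
import base64
import email.utils
import hashlib
import hmac
import json
import urllib.parse
import urllib.request

# Placeholders (assumptions, not real credentials): paste the Integration key,
# Secret key and API hostname shown when you created the Auth API application.
IKEY = "DIXXXXXXXXXXXXXXXXXX"
SKEY = "example-secret-key-do-not-use"
API_HOST = "api-xxxxxxxx.duosecurity.com"


def canonical_request(method, host, path, params, date):
    """Build the string the DUO Auth API signs: the Date header, the HTTP
    method, the lower-cased API hostname, the path and the URL-encoded
    parameters sorted by key, each on its own line."""
    query = urllib.parse.urlencode(sorted(params.items()))
    return "\n".join([date, method.upper(), host.lower(), path, query])


def sign_request(ikey, skey, method, host, path, params, date=None):
    """Return (headers, encoded_params) for a signed Auth API call.
    Authorization is HTTP Basic with the Integration key as the user name
    and the hex HMAC-SHA1 of the canonical request as the password."""
    if date is None:
        date = email.utils.formatdate()  # RFC 2822 format, as DUO requires
    canon = canonical_request(method, host, path, params, date)
    sig = hmac.new(skey.encode(), canon.encode(), hashlib.sha1).hexdigest()
    auth = base64.b64encode(f"{ikey}:{sig}".encode()).decode()
    headers = {"Date": date, "Authorization": f"Basic {auth}",
               "Content-Type": "application/x-www-form-urlencoded"}
    return headers, urllib.parse.urlencode(sorted(params.items()))


def duo_call(method, path, params=None, ikey=IKEY, skey=SKEY, host=API_HOST):
    """Perform a signed Auth API call over HTTPS and return the decoded JSON.
    GET parameters go in the query string, POST parameters in the body."""
    params = params or {}
    headers, encoded = sign_request(ikey, skey, method, host, path, params)
    url, data = f"https://{host}{path}", None
    if method.upper() == "GET":
        url += ("?" + encoded) if encoded else ""
    else:
        data = encoded.encode()
    req = urllib.request.Request(url, data=data, headers=headers,
                                 method=method.upper())
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def push_capable_devices(preauth_response):
    """Return the devices in a /auth/v2/preauth response that can receive a
    DUO Push. An empty list means a push simulation cannot reach that user
    (no enrolled device with push, or the user is not in the 'auth' state)."""
    body = preauth_response.get("response", {})
    if body.get("result") != "auth":
        return []
    return [d for d in body.get("devices", [])
            if "push" in d.get("capabilities", [])]


def unmatched_users(cultureai_emails, duo_usernames):
    """Return CultureAI addresses with no DUO username matching them
    (compared case-insensitively here; this is the example's own check).
    With username normalization set to 'None', DUO keeps the '@domain'
    part, so a DUO user named 'bob' will not match 'bob@example.com'."""
    duo = {u.lower() for u in duo_usernames}
    return sorted(e for e in cultureai_emails if e.lower() not in duo)


# Constructed sample responses in the shape the Auth API documents; not data
# from a real tenant.
SAMPLE_PREAUTH_PUSH = {"stat": "OK", "response": {"result": "auth",
    "status_msg": "Account is active", "devices": [
        {"device": "DPXXXXXXXXXXXXXXXXXX", "type": "phone", "name": "",
         "capabilities": ["push", "sms", "phone", "mobile_otp"]}]}}
SAMPLE_PREAUTH_NO_PUSH = {"stat": "OK", "response": {"result": "auth",
    "status_msg": "Account is active", "devices": [
        {"device": "DPYYYYYYYYYYYYYYYYYY", "type": "phone", "name": "",
         "capabilities": ["sms", "phone"]}]}}


if __name__ == "__main__":
    # Offline demonstration. With real values in place, call
    # duo_call("GET", "/auth/v2/check") to confirm the keys, then
    # duo_call("POST", "/auth/v2/preauth", {"username": email}) per user.
    print(unmatched_users(["alice@example.com", "bob@example.com"],
                          ["alice@example.com", "bob"]))
    print([d["device"] for d in push_capable_devices(SAMPLE_PREAUTH_PUSH)])
```

No network call is made on import or by the offline demonstration; replace the three placeholders and use `duo_call` to run the checks against your tenant. A `/auth/v2/check` failure means the keys or hostname are wrong, and a user whose `/auth/v2/preauth` response lists no device with the `push` capability is one the simulation cannot reach, which is exactly the case the 'Good to know' section warns about.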