This summer, U.S. CIO Suzanne Kent laid out the three pillars of the federal cloud computing strategy. Pillar number one: security. This tracks with what our government customers have been telling us for years: security is paramount. That’s why we’re pleased to announce that Cisco acquisition Duo Security, the leading multi-factor authentication and Zero Trust for the Workforce provider, has achieved FedRAMP authorization.

FedRAMP-authorized cybersecurity DUO Cisco

In tandem with its authorization, Duo is announcing its public sector-tailored Federal MFA and Federal Access product editions, delivering strong cloud-based authentication and device visibility with FedRAMP-authorized security controls at their core. Duo Federal editions are built to enable customer compliance with FIPS 140-2 compliant authentication standards and align with National Institute of Standards and Technology (NIST) SP 800-63-3 guidelines. Duo Federal editions meet Authentication Assurance Level 2 (AAL2) with Duo Push or Duo Mobile Passcode for both iOS and Android Devices out of the box, and by default, with no additional configuration required.

Security Matters

We know that the federal government maintains highly sensitive civilian and national security data and information. Protecting that data is a top priority. As more applications, data and identities move to the cloud, government administrators will need to come to grips with the subsequent loosening of control over their network perimeter. Hackers are taking advantage of the increased attack vectors, and government is looking to technology experts to help mitigate those threats.

Security and global certification have been a priority for Cisco for decades, and we provide more hardware-certified products than many other vendors out there. Before a government agency buys a piece of hardware from Cisco, we have already done the work to ensure that it has all the certifications and protections needed for it to be placed within that government network. Now, as agencies move to cloud, we are doing the exact same thing with all of our SaaS offerings, including Duo.

FedRAMP-Authorized security Duo Cisco

Duo Builds on Cisco’s FedRAMP offerings

Cisco is committed to delivering FedRAMP solutions that help agencies achieve their missions with simple, strategic and secure digital capabilities. Cisco offers FedRAMP-authorized solutions for communications (Cisco Webex Meetings) and collaboration (Cisco Hosted Collaboration Solution for Government and Webex for Defense formerly known as Cisco Hosted Collaboration Solution for Defense).

The addition of Duo to Cisco’s FedRAMP portfolio adds to our FedRAMP-authorized security offerings. Already, Cisco’s Cloudlock has helped agencies secure cloud identities, data and applications. It provides actionable cybersecurity intelligence and reliable visibility and control in mission-critical cloud environments.

Cisco’s Commitment to Cloud

As I wrote in July, Cisco is committed to helping government have a cloud-ready network. We know it helps them drive IT modernization, increase efficiency in government and allows agencies to be mission-ready.

A piece in Government Executive recently noted, “Cisco is working to provide a unified management interface and strategy that can address all cloud computing deployments across the federal government’s many diverse missions, objectives and security requirements. This is being accomplished without restricting either an agency’s choice of cloud infrastructure provider, or the type of cloud instances that the government can install.”

We’re proud that Duo joins our growing list of FedRAMP-authorized offerings for government customers.

Duo Federal MFA and Duo Federal Access editions are now listed on FedRAMP Marketplace.




Nick Michaelides

Senior Vice President

US Public Sector