No. The Duo Mobile App does not store any data, therefore it would not have anything subject to FOIA or subpoena. However, staff should realize that if they choose to put district email on their personal cell phones, that may open them up to FOIA, subpoenas, etc. 

Two-factor authentication adds a second layer of security, keeping your account secure even if your password is compromised. Verifying your identity using a second factor (like your phone or other mobile device) prevents anyone but you from logging in, even if they know your password. With Duo Push, you'll be alerted right away (with the app) if someone is trying to log in as you. 

We have to use it to keep our accounts safe and secure. Most companies are beginning to require MFA and even our cybersecurity insurance provides better rates when MFA is in place because it greatly reduces the risk of a breach involving usernames and passwords. 

Duo will ask for a code when you log into your email or anything that uses your Google login.  If you are already logged in, it will not ask you to authenticate.  Authentication typically lasts around 14 days on the same device.

Currently we are implementing MFA for Google accounts only which are tied to most of our programs. More accounts will be added based on both the requirement of the company (like Tableau) and the level of security needed. 

If your authentication device (phone or tablet) does not have internet connectivity or a network signal, you can use the DUO app to generate a one-time passcode. 

The D5 Technology Helpdesk can generate a unique bypass code and provide it to you during work hours. *Note that bypass codes are only intended as a temporary authentication method and can only be used once. 

Yes.  Anytime access is being sought and an username and password is needed, users will be prompted to “allow” the access. Being inside or outside of the district network is not a factor.