Industry News

Identity Security Looks Different by Industry. Here’s How MSPs Can Keep Up.

Identity attacks are at the heart of most security breaches, year after year. Despite their role as a primary entry point, confidence in stopping those attacks remains low. Only 33% of leaders trust their identity provider to prevent identity-based threats, even as budgets rise and urgency spikes. With 82% increasing identity security spend and 85% shifting to security-first identity strategies to counter AI-driven attacks, the gap is no longer awareness, it is execution. Identity itself is evolving. Modern identity is not just humans, it also includes machine identities such as service accounts, APIs, cloud workloads etc., increasing complexity.

So what does this mean in practice? As identity expands beyond users, are your customers ready? And as a managed service provider (MSP), are you ready to support them?

Cisco Duo makes it a win-win by delivering identity security that’s simple for users and manageable for MSPs, so it’s easier to adopt, easier to support, and easier to scale. Don’t compromise strong security for user experience. Instead, skip the complicated logins and constant prompts, and make identity security easy. This means fewer support tickets, less operational overhead, and a service that’s actually scalable for you as a service provider. As one customer put it:

Every customer is different

Depending on the industry, your customers may face different challenges and regulations. Let's look into this.

Finance – With some of the highest breach costs in any industry and highly sensitive data at stake, protecting customer data is critical. Phishing-resistant MFA helps protect sensitive customer data while detailed logs and reports make it easier to support compliance reports aligned to standards NIST, FFIEC, NYDFS, PCI‑DSS, and FTC Safeguards.

Duo named a Buyer’s Choice Award winner in the TrustRadius Authentication category for 2025 based on peer reviews written by practitioners, consultants, decision-makers and others who have experience using Duo.

Healthcare – In healthcare, every access decision affects real people, patients, families and staff. The goal is simple: deliver the best care possible, safely. At the same time, access has to meet HIPAA requirements without getting in the way of care delivery. Duo helps MSPs strike that balance by securing ePHI and clinical systems with strong authentication and device trust while SSO and paswordless options ensure clinical workflow isn’t slowed down.

KLAS Research, a leading research firm in the healthcare industry, announced that Duo has been ranked #1 in the category of Access Management two years in a row! Based on extensive feedback and evaluations from healthcare professionals across the nation, Duo's Multi-Factor Authentication (MFA) product was measured against the competition in key criteria including culture, loyalty, product, relationships, operations, and value. By providing secure access for every user, every device, and every application, Duo was declared the clear choice.

Retail – Retail moves fast and secure access needs to keep up, especially in environments that handle sensitive credit card data. Duo helps MSPs secure POS, cloud, and legacy retail systems with phishing-resistant access and device trust. Centralized visibility and access logs support PCI DSS 4.0 requirements, while passwordless login and self-service enrollment make it easier to onboard seasonal staff and reduce support tickets.

Cisco Systems is a 2025 Customers’ Choice for the ‘User Authentication’ market on Gartner Peer InsightsTM based on reviews submitted for Cisco Duo.

Education – With security staff and budgets stretched thin, schools have become popular targets for attacks. From shared Chromebooks to cloud-based learning platforms, access needs to be secure without adding friction for students and educators. At the same time, schools are responsible for protecting student data under regulations like FERPA, controlling who can access records, enforcing permissions, and maintaining clear audit trails. Duo helps MSPs meet those requirements by enforcing strong authentication, SSO, and device trust across K–12 and higher education.

Legal – Protecting client confidentiality is non-negotiable. Duo helps MSPs safeguard attorney-client confidentiality by enforcing trusted access that verifies user identity and device health before allowing access to email, applications, and client data. By blocking unauthorized users and unhealthy devices, Duo supports compliance with the ABA Model Rules of Professional Conduct, including Rule 1.6(a) and 1.6(c), while providing secure MFA, SSO, and comprehensive protection across cloud, VPN, remote, and on‑premises systems to prevent data disclosure without disrupting legal workflows.

SaaS/technology providers – Constant changes is the norm for SaaS. Teams change, tools change, and new environments and third parties are introduced all the time, so access controls need to adapt just as quickly. Duo helps MSPs enforce trusted, phishing-resistant access by verifying user identity and device security posture before granting access to cloud applications, VPNs, and developer environments. Continuous monitoring, risk-based policies, and location-aware controls help detect and block anomalous or risky access, while phishing-resistant passwordless authentication, SSO, and centralized reporting reduce credential exposure without adding operational complexity for teams.

Ready to take your managed identity services to the next level? Discover even more in our eBook: The industry-focused IAM Playbook for MSPs.