Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID


Duo-InCommon Program Update

Nov 18, 2015, by Nick Lewis
Tags: Duo Security, InCommon

InCommon has been working with Duo Security for over three years and Duo has, and continues to be, a strong partner to the higher education community. Both InCommon and Duo have experienced consistent growth over the past few years and recently have engaged in expanded global activities. In terms of the InCommon/Duo program, the fiscal quarter ending in October 2015 was one of the busiest for the program with 11 campuses signing up bringing to 74 the total number of campuses taking advantage of this two-factor authentication solution.

At the Internet2 Technology Exchange in October there was substantial interest in Duo and multifactor and I would like to thank Duo Security and the community for coming out in force to talk about Duo deployments in higher education. Zach Urlocker, Duo Security chief operating officer, and a team from Duo came out to hear first hand about how campuses are deploying Duo, common pain points for campuses, and the heightened interest in implementing two-factor authentication to protect students, faculty, and staff. Archives of the presentations and netcasts can be found on the conference website.

Earlier this year Duo introduced a new edition (“Platform”) that aims to help security teams gain visibility into user behavior, enabling organizations to create secure access policies that work for their users and their security teams. Several campuses have already shown interest in the new edition to augment their information security programs and had pressing projects to deploy the new service, so couldn’t wait for the NET+ process with Duo to introduce the new edition. To meet the pressing campus need, the Duo/InCommon agreement was minimally updated to include the Platform edition. This included a change by Duo in the hospital pricing to go from a bed-count model to a user-count model. 

As part of Duo’s introduction of the Platform product, Duo has also updated their overall pricing structures for the first time in the history of the InCommon/Duo program. The new pricing from Duo is now posted on the InCommon website. There was an increase in the Duo Enterprise, but the transition plan for existing campus subscribers hasn’t been determined. This transition plan will be developed by the campuses and Duo as part of the NET+ program development process. We worked with Duo on the price change to help them balance the budget challenges for campuses with Duo’s increased pricing.

With the growing community interest in and adoption of Duo, several campuses suggested establishing a Duo Security Service Advisory Board to coordinate the community’s engagement with Duo, continue to improve the program, and keep the direct lines of feedback flowing. We’ve already had several meetings with interested campuses and will be formally setting up the group over the next few months in conjunction with establishing a new NET+ Duo program.

While the InCommon/Duo program was growing, the community developed the Internet2 NET+ program to shape campus adoption of cloud services. Since the Duo program preceded NET+, the standard NET+ Service Validation process was never completed. Campuses have since identified many areas where the NET+ approach could bring additional benefits or enhance the Duo offering. Internet2 and a group of our member universities will be working on developing a NET+ agreement with Duo over the next couple of months and will have updates for the community in early 2016. Although several current InCommon/Duo program participants have already volunteered to help develop the NET+ Duo program and to represent the needs of the community, we would be glad to welcome others. If you’re interested in participating or finding out more, please contact me (NET+ Program Manager, Security and Identity) or

We are also planning on moving from the current email list for community discussion and questions to the web-based Internet2 Forum. More details on this transition will be coming out by the end of the year.

I am excited to lead this work and to drive the higher education community to 100% adoption of two-factor authentication for systems that require such protection. This is a lofty goal, but is necessary to ensure campuses are adequately protected. Beyond Duo or multifactor solutions, I’m also interested in hearing about identity and security related services you are deploying on your campuses or those that you think would provide value to the community if developed as NET+ offerings so please feel free to get in touch if you have other comments or suggestions.

UPDATE: December 4

Since posting this Duo-InCommon Program Update two weeks ago, we’ve gotten several questions about Duo’s price increase, specifically how campus renewal pricing would work.

Campuses that are joining the InCommon Duo program will use the new pricing, while the existing 80 current program participants will be grandfathered in to the current pricing structure for renewals. Renewals will have up to a 7% annual increase over the existing subscription price and campuses will have 1 year to budget for this price increase. InCommon invoices 2 months out for renewals, so campuses already invoiced for renewal will use their invoiced price and transition on their next renewal.

The next step for the program continues to be ongoing work on a NET+ agreement, which would include the standard community contract language around pricing and renewals. Once the campuses, Duo, and Internet2 complete work on the NET+ agreement, there will be more information about how campuses can transition from the InCommon agreement to the NET+ agreement. 

If you have any questions on the price change, please contact me (NET+ Program Manager, Security and Identity) or

Are you a NET+ Campus?
Don’t miss regular updates on strategies and resources to swiftly deploy user mobility in the Cloud. Sign up to receive the latest Cloud strategies and Internet2 NET+ News today.