How to Set Up Duo MFA for Customers and their Staff

Customer Duo MFA Set Up

  • Customer decides to use MFA and contacts Duo to determine any need to create an account and potential costs associated with usage. 
  • In iCM, Customer selects Admin Tools-> iCM Account Settings-> MFA Settings 
  • Customer toggles MFA slider. This requires MFA for all Staff.

  • Duo requires an account and the customer must obtain the following information directly from Duo

  • Roles Included: If the Customer wants to require MFA for specific Roles, the Role should be added here.
  • Staff Included: If the Customer only wants MFA to apply to specific Staff, Staff names are to be added here.
  • Staff Excluded: If the Customer wants to exclude Staff from MFA, staff names should be added here.
To obtain the required information from Duo, customers will need to go to Duo Dashboard->Add New->Applications
  • Search Web SDK => click protect => save the Application.
  • Saving the application will provide the following information for entry into iCM


Staff Duo MFA Set Up

  • MFA required Staff will be required to download the customer’s choice of MFA.  This process should be completed prior to following the procedures below for Duo or Other options.
  • Staff access iCM and enter their username and password.
  • On their first attempt they will see the following screens to set up their Duo account.

image

  • Choose Mobile phone

image

  • Staff will enter their phone number.

image

  • Provide phone type

image

  • Staff will follow the prompts to download and install Duo, if needed, or select I have Duo Mobile installed

image

  • When Duo is installed, Staff will open Duo on their phone and scan the QR code

imageimage   image

  • After scanning the QR code on their phone, Staff will continue to finalize their DUO account on their phone and should select Allow notifications. 
  • Returning to the computer screen, the following will be displayed and Staff will select Continue to Login

image

  • This screen will then appear and Staff should select Send me a Push

image

  • Staff will see the following on their phone and should select the Approve option. Selecting the Approve option will now finalize the Staff’s login to iCM and the iCM Dashboard will automatically display

image

  • Now that the procedure is fully implemented, future login attempts will automatically send a DUO notification to the staff’s phone.  Staff will open Duo on their phone, select the Approve option and the iCM Dashboard will automatically be displayed.

Customer Requirements for Resetting a Staff's access due to Staff accidentally deleting the MFA or changing phones

  • Customers will need to access their DUO account, locate the Staff's account and reactivate their access.

Still need help? Open a Ticket Open a Ticket