You and your users are prohibited from reselling, reverse engineering, or misusing the service in ways that harm Duo's platform or other users, including sending spam, transmitting malware, or attempting unauthorized access.
This analysis describes what Duo Security's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Violations of acceptable use restrictions are likely to constitute material breaches triggering the 30-day cure or termination provisions, and the broad scope of the restrictions means that even inadvertent misuse by an employee could create agreement risk.
Your organization is responsible for ensuring all employees and administrators comply with these restrictions, and a violation by any user under your account could trigger a breach of the agreement and potential service termination.
How other platforms handle this
You agree to comply with Adyen's Acceptable Use Policy, as updated from time to time, which forms part of these Terms and Conditions. Adyen reserves the right to update the Acceptable Use Policy at any time.
You may not use the Venmo services for any illegal purpose, to send money to any person or organization on a government sanctions list, for gambling, for purchasing or selling illegal goods or services, or for any activity that violates applicable law. You may not use Venmo for commercial transactio...
Customer and its Users must use the Products in accordance with the Atlassian Acceptable Use Policy. Customer is responsible for ensuring that Users comply with this Agreement and the Atlassian Acceptable Use Policy.
Monitoring
Duo Security has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Customer shall not, and shall not permit any User or third party to: (a) license, sublicense, sell, resell, transfer, assign, distribute or otherwise commercially exploit or make available to any third party the Services; (b) modify or make derivative works based upon the Services; (c) reverse engineer or access the Services in order to build a competitive product or service; (d) use the Services to send spam or otherwise duplicative or unsolicited messages; (e) use the Services to send or store infringing, obscene, threatening, libelous, or otherwise unlawful or tortious material; (f) use the Services to store or transmit Malicious Code; (g) interfere with or disrupt the integrity or performance of the Services or the data contained therein; or (h) attempt to gain unauthorized access to the Services or their related systems or networks.— Excerpt from Duo Security's Duo Terms of Service
(1) REGULATORY LANDSCAPE: Acceptable use provisions interact with the Computer Fraud and Abuse Act in the U.S. with respect to unauthorized access restrictions. Clauses prohibiting transmission of illegal content may engage various federal and state laws depending on the nature of the content. (2) GOVERNANCE EXPOSURE: Low to Medium. The restrictions are standard and the primary governance risk is ensuring that all administrators and users are made aware of and trained on these obligations, as the customer bears responsibility for all activity under the account. (3) JURISDICTION FLAGS: The prohibition on transmitting unlawful material may have different implications in different jurisdictions depending on local definitions of unlawful content. (4) CONTRACT AND VENDOR IMPLICATIONS: Acceptable use policies should be incorporated into customer IT policies and employee agreements to create an enforceable downstream obligation on users consistent with the customer's contractual obligations to Duo. (5) COMPLIANCE CONSIDERATIONS: IT security teams should implement technical controls that reduce the risk of malicious code transmission or unauthorized access attempts through Duo-protected systems, as such incidents could constitute agreement violations regardless of customer intent.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Violations of acceptable use restrictions are likely to constitute material breaches triggering the 30-day cure or termination provisions, and the broad scope of the restrictions means that even inadvertent misuse by an employee could create agreement risk.
Your organization is responsible for ensuring all employees and administrators comply with these restrictions, and a violation by any user under your account could trigger a breach of the agreement and potential service termination.
ConductAtlas has identified this type of provision across 8 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Duo Security.