Portside is a software company providing modern SaaS solutions for the global aviation industry, powering all aspects of day-to-day operations for business aviation, regional commercial airlines, and aircraft leasing & finance customers. Founded in 2017, the company has dual headquarters in San Francisco, CA and the Research Triangle Park area in North Carolina and employs close to 300 people serving over 1,100 enterprise customers worldwide.
Needing to build & deliver a unified security strategy
Over the last few years, Portside has been growing both organically and through a series of strategic acquisitions. As the company continued acquiring businesses and expanding its product portfolio, management saw the need to develop a more mature enterprise security strategy. So, in August 2023, they hired Paschall Freeman as Portside’s inaugural chief information security officer (CISO).
“I joined as Portside’s first CISO to build a robust, enterprise-rated security program, largely from scratch,” Freeman says. “Much of that work involved establishing a unified security strategy across each of the portfolio companies — many of which were smaller and didn’t have in-house security expertise.”
From the company’s inception, Portside used Mac devices exclusively, managing them with Jamf. But as the company continued acquiring other businesses, they wound up with more and more Windows devices to manage.
“We became a 65–35 Mac-to-Windows shop,” Freeman explains. “So we really needed the tooling to be able to manage our Windows devices to the same degree and with the same simplicity as we could with JAMF.”
Choosing JumpCloud for unified device management
Since he didn’t want to have to use different tools to manage Mac and Windows devices, Freeman began looking for a unified device management solution that would enable him to manage both operating systems from one place.
“We needed good IT hygiene, and the problem we were trying to solve, just from a practical standpoint, is having a single pane of glass where we could manage both our Windows devices and Mac devices in one place,” Freeman continues.
Freeman was already familiar with JumpCloud, having administered it for several years at his previous organization. Even so, he did his due diligence, surveyed the market, and found a few other solutions to test.
I did a number of proof-of-concept trials with a number of different providers that could manage both Windows and Mac devices. And what I found is that JumpCloud was the only solution that just worked when I deployed it. The configuration was super simple.
Paschall Freeman, CISO
In addition to getting more control over their devices, the team was also hoping to have an easier time meeting and demonstrating compliance.
“Among the problems we were trying to solve was making sure that we were managing our fleet intelligently while also meeting the compliance objectives we need to meet and demonstrate for our SOC 2 audit,” Freeman says.
Since JumpCloud delivered on both fronts, Freeman ultimately decided that it was the perfect solution on which to build a distributed IT environment.
Shoring up devices & looking to leverage more features
Today, Freeman is using JumpCloud to manage 170 users out of the 300-person team that’s been assembled via acquisitions, with plans to complete the roll-out to all remaining users over the next couple of months.
The device management component has been an extremely useful and necessary tool.
Paschall Freeman, CISO
“The device management component has been an extremely useful and necessary tool,” Freeman says. “I frankly had some concerns in the beginning that it would not work as well decoupled from identity management and it’s not been a problem at all.”
Looking ahead, Freeman absolutely intends to further explore adding JumpCloud’s identity management capabilities to his deployment as the program he’s building continues to mature. In the meantime, he’s perfectly happy with the platform’s device management capabilities.
“It’s not as fine-grained control over the device as it would be if I had identity, but it still gives me sufficient control over the device to ensure that if something happens or someone’s leaving, we can secure the device for transit even though we won’t necessarily be able to disable the user’s account on the device,” Freeman explains. “If we need to lock a computer, all we have to do is go to the console and hit the lock button.”
Streamlining onboarding & offboarding
Freeman is using JumpCloud to streamline both the onboarding and offboarding processes, baking more security into Portside’s day-to-day operations.
[The remote wipe capability]’s been a really good addition to our process in terms of fleet management.
Paschall Freeman, CISO
On the onboarding side, Freeman is able to ensure new hires have secure devices from their first day.
“We’re using JumpCloud to simplify the deployment of our antivirus solution, particularly on Macs,” he says. “We’re able to push the security profile that puts all the settings in place for our antivirus, antimalware, and endpoint monitoring solution,” Freeman says. “In the past, when somebody got a Mac, it was a brand-new setup. They had to install the software and follow our onboarding checklist to configure a complex set of application permissions. Now we can just push that configuration profile directly from JumpCloud so all they have to do is run the installer and then it’s done and then they don’t have to think about it anymore.”
For offboarding, Freeman is able to clean devices to make sure there isn’t anything proprietary on them before churning employees send them back.
“We’ll use the remote wipe capability to wipe the machine before it even gets sent back to use so that it’s in a good state and doesn’t have any data on it while in transit,” Freeman says. “That’s been a really good addition to our process in terms of fleet management.”
Improving IT workflows with policies & commands
Currently, Portside doesn’t have a dedicated IT help desk; Freeman and the company’s DevOps team help colleagues navigate IT issues — another area where JumpCloud saves the day.
“They’ve been trying to troubleshoot things on user machines either pushing those commands or jumping into the remote terminal through Remote Assist to collect the data they need so that they can help the user and do so even transparently, which has been a really invaluable function — particularly since we are an entirely distributed company,” Freeman explains. “Having the Remote Assist capability has been really quite helpful.”
Portside is also using device groups to push out policies to developer machines.
“For example, we need to give our developers a little bit more permission to manipulate the firewall in their system, particularly for Windows users, so we’re using groups to push that policy,” he says. “The policy is bound to that group only so that only those devices take that policy.”
Bolstering compliance
JumpCloud also helps Portside bolster its compliance position.
“We can push out technical configuration policies — there must be a screensaver, there must be a password, the firewall must be enabled, disk encryption must be enabled and enforced and can’t be turned off,” Freeman says.
We can get a report out of JumpCloud when we need it for which devices are in compliance versus which aren’t and then go follow up on why that’s the case.
Paschall Freeman, CISO
When it’s time to pass an audit, Freeman can easily obtain the evidence they need from JumpCloud to demonstrate things like whether antivirus is installed on certain devices, for example.
Scaling together
Freeman has already used JumpCloud to shore up device management. As he looks ahead, he’s planning to explore the platform’s identity management piece further.
“One of the things that makes JumpCloud really attractive is that it does have the identity component that we could implement and then have it manage all the Active Directories that are sitting out in acquired Company A, the Oktas in acquired Company B, and the Entra ID’s over in Company C,” Freeman says. “We don’t have a solution for that yet, and that’s something that we are going to need to address soon.”
Once identity management is in place, Freeman is also looking to integrate Google Workspace, GitHub, Slack, VPN servers, and Jira with JumpCloud.
“I will definitely want to explore how we can use the zero trust features to secure how people are accessing company systems and data because we’ve got people all over the world in Australia, New Zealand, India, some parts of the near east, and all over Europe,” Freeman says.
On top of this, Freeman also hopes to deploy JumpCloud Go™ to further strengthen the organization’s security posture.
“I’ve seen JumpCloud grow up quite a bit, and I’ve also been pretty impressed with the leadership and the vision that your CEO and CTO have brought to the table as well because it’s clear that they know they have a product they want to build and they’re building it systematically,” Freeman says.
What would Freeman say to other organizations considering a solution like JumpCloud?
“I’d ask them whether or not they want a solution that just works,” Freeman says. “With all of the competitor solutions I tried, there was always some tricky thing — you had to install this or you had to push this policy or this feature just flat out didn’t work. That’s not the case with JumpCloud. It’s really as simple as it can possibly be. It’s quite a good solution for companies that are just starting to get into device management.”
Even better, you don’t necessarily have to be an IT expert to figure out your way around JumpCloud.
“JumpCloud makes it really easy to configure your management policies,” he says. “JumpCloud does a really good job of making it idiot-proof. It’s hard to misconfigure something. Certainly an experienced systems admin will have no trouble with JumpCloud. But even in smaller organizations where there’s maybe not a dedicated IT person, it’s easy enough to use. You don’t have to be super technical to figure it out.”
About JumpCloud
JumpCloud® delivers a unified open directory platform that makes it easy to securely manage identities, devices, and access across your organization. With JumpCloud, IT teams and MSPs enable users to work securely from anywhere and manage their Windows, Apple, Linux, and Android devices from a single platform.
To see the power of JumpCloud yourself, request a demo or start a 30-day trial today.