10 Years of Partnership: Grab Scales Security Across Southeast Asia with JumpCloud

Across Southeast Asia, Grab is more than an app; it is an essential part of daily life. From a driver navigating the bustling streets of Jakarta to a small merchant accessing business loans for the first time in the Philippines, Grab is the indispensable superapp relied upon by over 52 million people every month. 

Behind every ride and transaction lies a massive mission: driving economic empowerment across Southeast Asia. To fulfill this promise, Grab manages a complex, region-wide ecosystem of mobility, delivery and financial services that 1 in 15 Southeast Asians use for everyday needs. For Grab, building a secure, frictionless IT foundation is paramount, so that its teams can focus on what they do best: innovating to make digital services accessible for millions of people in the region. This is when JumpCloud came into consideration.

Here are some key impacts at a glance:

Faster expansion of new offices with zero on-prem footprint.

Significant reduction in phishing risk via hardware-bound authentication.

Automated credential rotations to maintain seamless compliance.

The Enterprise Challenge: Identity as the Digital Foundation

For a large-scale enterprise like Grab, managing a regional workforce requires a holistic approach that bridges HR, security, and operations. At this scale, a fragmented identity system creates friction points that slow down innovation and increase security risks.

Grab recognized that they needed a centralized identity platform. This meant moving away from siloed tools and towards a unified platform that could manage diverse device access (macOS, Windows, Linux), secure access to thousands of SaaS and on-prem applications, and provide real-time visibility for compliance. By establishing a unified identity system, Grab could ensure  its security remained robust as it scaled.  

Digital Transformation: The Shift to Cloud-Native Identity (2016)

In 2016, Grab stood at a critical architectural crossroads. They were rapidly expanding into new cities to set up fully functioning local offices. The traditional path led towards Active Directory (AD), but for a cloud-native organization like Grab, adopting a (then) hardware-intensive approach felt like a limiting factor.

In the complex landscape of Southeast Asia, the cost and complexity of interconnecting physical data centers made a hybrid setup unfeasible.  Whichever platform Grab chose needed to serve its needs for multi-protocol versatility.

Ultimately, JumpCloud emerged as a key enabler, offering a full-stack “Open Directory” that spoke every language Grab needed: 

  • LDAP for legacy tools and applications, 
  • SAML for their rapidly expanding SaaS stack, 
  • SSH for cloud servers, and 
  • RADIUS for secure regional Wi-Fi among others. 

Grab effectively deployed LDAP, RADIUS, and dozens of SAML connectors, centralizing their digital world and setting the stage for a decade of growth without the weight of legacy hardware. They then connected every workstation and server through native authentication protocols per platform.

Attribute-Based Governance: Scaling with Dynamic Groups

As Grab’s workforce grew, the complexities of manual user management evolved from a routine task into a significant operational challenge. To maintain velocity, Grab evolved its identity layer into a self-orchestrating environment by leveraging JumpCloud’s Attribute-Based Access Control (ABAC). This shift allowed Grab to move from static, manual assignments to a dynamic model where identity governance is automated based on attributes:

  • Zero-Touch Onboarding: The moment a new “Grabber” joins the organization, their unique attributes such as Department, Role, and Geography, instantly trigger membership in specific Dynamic Groups. Within seconds, they are provisioned with the exact applications, devices, and security policies required for their role, eliminating manual ticketing and ensuring Day-1 productivity.
  • Self-Healing Compliance: Dynamic Groups serve as a continuous audit mechanism. Should an employee change roles or depart, their attributes update automatically, and JumpCloud revokes access to sensitive resources in real-time. This maintains a rigorous “Least Privilege” posture and effectively eliminates the risk of permission creep.
  • Identity Synchronization: JumpCloud serves as the central identity engine, ensuring that user identities remain synchronized and secure across the entire fleet. This allows Grab to maintain a consistent and unified identity posture, regardless of the specific endpoint being utilized by the workforce.

User-Centric Security: Implementing JumpCloud Go™

With a mature, automated foundation in place, Grab’s next evolution focused on the front end of the security experience. By adopting a phishing-resistant, passwordless experience with Jumpcloud Go™, Grab has enabled its workforce to operate even faster.

  • Optimized User Experience: By leveraging hardware-bound biometrics like TouchID and Windows Hello, Grabbers now access their tools with a single touch. This eliminates MFA fatigue, replacing it with a seamless path to productivity.
  • Invisible Protection: While the experience is effortless for the user, security is robust and constantly verified. JumpCloud Go ensures that only a verified Grabber on a healthy, managed device can access their online work environment, while continuous posture checks neutralize credential-based threats before they reach the ecosystem.

The Programmable Directory: Security as a Craft

As a technology leader, Grab views identity as an engineering discipline. They required a directory that wasn’t just a database, but a programmable platform. To enable this, JumpCloud delivered high-performance API capabilities that allow Grab’s SecOps teams to automate governance at a global scale.

I. Precision MFA: Context-Aware Authentication

Grab’s team collaborated with JumpCloud to implement an MFA Push API. This allows Grab to trigger identity verification for specific, high-stakes administrative actions. It is a surgical approach to security, protecting the keys to the kingdom without interrupting the daily flow of the wider organization.

II. Operational Excellence: Automated Credential Lifecycle Management

As part of Grab’s ongoing security maturity initiative, they identified a need for the programmatic password rotation of administrative accounts. Through a strategic partnership with JumpCloud, they successfully deployed a password reset API tailored specifically for administrative account management.

This capability established a foundation for automated credential lifecycle management and directly supported strict security compliance requirements. 

lll. Zero Trust & Conditional Access

Leveraging JumpCloud’s Conditional Access policies, Grab is implementing a robust Zero Trust framework that mandates “never trust, always verify” for every Grabber. This system will evaluate real-time telemetry (including identity verification, device health, and network trust) before granting access to critical cloud resources and internal applications.

Key Outcomes: A Decade of Scalability and Compliance

This partnership has redefined what it means to scale a modern enterprise securely. By choosing an enabler that grows with them, Grab has achieved:

Conclusion: The Blueprint for the Next Decade

After ten years, the Grab and JumpCloud story is no longer about a vendor and a client; today, it is about two technology companies co-authoring the future of secure work. 

JumpCloud has been our quiet engine for ten years. From solving ‘Admin Chaos’ in 2016 to enabling a passwordless future today, they have allowed us to focus on our true mission: empowering millions of everyday people across Southeast Asia.

—Kenneth Wong, Head of Grab Technology Solutions 

About JumpCloud

The JumpCloud Directory Platform provides secure, frictionless user access from any device to any resource, regardless of location. Get started, or contact us at 855.212.3122.