Enable JumpCloud Password Manager Cloud Backups

Cloud Backups give admins a secure fallback method to minimize the chance of data loss. The cloud backup is encrypted and requires a private decryption key, stored by the admin, to restore the backup. 

Key Features:

  • The backup never leaves the device in plaintext.
  • The decryption key is never sent in plaintext.
  • There is never a scenario in which the cloud has access to both the encrypted backup file and also the decryption key.
  • Admins do not have access to the data in the backup file.

Note:

Cloud backups are enabled in the admin portal, and then available in the desktop app for Mac, Windows, and Linux. Restore From Cloud Backup is not available on the mobile app.

Enabling Cloud Backups

  1. Log in to the JumpCloud Admin Portal.
  2. Go to User Authentication > Password Manager, and go to the Settings tab.
  3. Click the Enable Cloud Backups button.
  4. On the popup modal, give the private key a name, and then click Generate Key.
  5. If the download does not happen automatically, click Download Key.

Important:

The admin is responsible to download and store the private key in a secure location. The data will not be accessible without the private key.

Regenerating a Cloud Backup Private Key

Once a private key has been created, it can be regenerated. Once this happens, the original key becomes disabled, and the new key only applies to the cloud backups going forward. Previous backups will need to be decrypted with the old key.

Disabled Keys

Once a key is regenerated, the old keys are Disabled Keys and are still accessible in case some users are backed up with that key.

Deleting a Cloud Backup Private Key

Only disabled keys are eligible to be deleted. When such disabled key is deleted, any older backups using that key are also deleted.

Note:

This is a best practice step for when keys are changing hands.

Click Delete Key, and select Delete again at the confirmation modal.

Disabling Cloud Backups

Disabling Cloud Backups will delete all keys and all cloud backups.

  • Click Disable Cloud Backups and select Disable at the confirmation modal.

Restoring Users from Cloud Backups

If a user requests to restore from cloud backup, the admin will see notification of that request on the Overview tab, the Users tab, and the Settings tab.

  • In the Users tab, a label appears under the user’s name indicating the request.
    • You can select Restore from Cloud Backup or Reject Restore from Cloud Backup from the individual actions menu or from the global actions dropdown menu.
  • In the Settings tab, a notification banner indicates the number of users who have requested restore from cloud backup.
  • Select Review to see a list of the users with requests and use the selection checkboxes to Reject or Continue with the restore process.
  • In both the Users and Settings tab, after you select to restore accounts, you have to upload the appropriate private key file.
    • If approving multiple accounts at once, you likely need to upload multiple key files.
    • After the file is chosen, the Restore x User Accounts button is activated.
  • If you reject the request, you are notified that the user will have to initiate a new request once this request is rejected.
Back to Top

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case