Optimizing Cloud Directory Services for Remote Work

Written by Rajat Bhargava on August 12, 2020

Share This Article

Making remote work happen is what JumpCloud does. While the shift to remote work grew at a steady clip for years, no one quite predicted its sudden acceleration due to COVID-19. When the pandemic began, JumpCloud helped IT professionals to securely shift — and effectively manage — remote teams everywhere. The result: a notable 1H 2020 for JumpCloud. Here are a handful of things we thought they were worth sharing to shine the spotlight on the hard work being done by IT administrators, DevOps, and the team here at JumpCloud.

Customers:

Over the last year, tens of thousands of organizations created new accounts on JumpCloud’s unified identity access and device management platform. IT teams are using JumpCloud to reduce vendor footprint, making IT management easier and more cost-effective. These customers have varied use cases and needs, but there are a few trends that are easy to spot:

  • Replacing Active Directory: Active Directory was not designed to support modern work environments. Designed for a homogeneous on-prem Windows world, constrained by a physical location, AD does not support organizations that have Mac and Linux machines, or those who need to onboard and offboard employees working remotely. In the 1H of the year, thousands of organizations adopted JumpCloud to replace and extend Active Directory to support heterogeneous and remote environments. A few notables include Boulder Heavy Industries, Planview Utility Services Limited, The Culinary Academy of Las Vegas, and Zoro.
  • Consolidating SSO, MDM, and Directory: There’s increasing awareness that deploying multiple standalone tools and relying on an increasingly complex identity, access, and device management ecosystem has become too costly and complex. Many of our 1H customers chose the unified JumpCloud platform over the cumbersome challenge and high cost of integrating Okta, Intune / Jamf or AzureAD. These customers include Monster Labs, Fluid Attacks, and JPL Integrated Communications. 
  • Global expansion: The challenges that we solve are faced by organizations everywhere, and in 1H 2020, customers around the world selected JumpCloud’s platform for a diverse need of directory, identity and device management. We’re now in 140 countries and half of our revenue comes from outside of the U.S. Switzerland’s Leysin American School and India’s Mohalla Tech Pvt Ltd (Sharechat and Moj), are just a handful of the thousands of organizations from around the world using JumpCloud. We’ve also expanded our MSP program across 20 countries, with new partners like Escape, Faye Business Solutions, Focus Technology Solutions, KOVI, MacHero Inc., and RestorePoint Inc.

1H Product Innovation:

JumpCloud is disrupting the notion of directory, identity, and device management as separate categories. We are consolidating these technologies into our platform and defining the ‘new normal’ for administration of security in a new IT world order. We do it more efficiently, more broadly and less expensively than the alternatives. SC Magazine awarded us 5 stars in its recently released JumpCloud review and nearly 300 admins have honored us with reviews on G2. In the first half of 2020, our engineering team accelerated delivery with notable new functionality that is already in use by tens of thousands of our customers, including Nimbus Therapeutics, Octane Lending, Tuft & Needle, Pactera EDGE, and Bind. New features include: 

Security & Compliance Features

  • Directory Insights™ delivers visibility into user activity across JumpCloud endpoints — SAML applications, LDAP resources, RADIUS networks, MDM commands, Mac/Windows/Linux authentications, and more, in the cloud or on-premises, so you can provide compliance reports, investigate events, and remediate threats. No other directory or event logging solution aggregates this wide authentication and access dataset across these endpoints.
  • The JumpCloud Windows App streamlines credential management workflows and establishes the employee’s workstation or laptop as a trusted device. Employees safely manage and modify their credentials from within the confines of JumpCloud-managed Windows hosts, eliminating attack vectors such as phishing emails, deepfake portals, and similar social engineering methods which pose as a company’s mandated way to update passwords. (End users on Windows can still use the tried-and-true Ctrl+Alt+Del password change workflow to update their JumpCloud credentials natively and securely).
  • Enable WebAuthn multi-factor authentication (MFA) with hardware keys as an alternative to TOTP MFA for User Portal access. Never sacrifice security in remote environments — instead, allow users to self-register universal second factor (U2F) security keys like Yubikey, Google Titan, or integrated biometric scanners like Windows Hello and Mac Touch ID. 
  • Enforce MFA in more areas: Use MFA for RADIUS servers to add an extra layer of security for remote workers accessing your networks via VPN, and at login on Windows, macOS, and Linux devices with TOTP MFA to protect your JumpCloud-managed systems with a second authentication layer.

Device Management: Windows, Mac, & Linux OS

  • Apple MDM support in JumpCloud lets you remotely lock, restart, shut down, and erase end user Mac devices via point-and-click commands in the Admin Portal. Easily migrate and enroll macOS to JumpCloud with the macOS MDM enrollment policy (then deliver policies with MDM for JumpCloud-managed Macs).
  • Another JumpCloud Policy, the Custom Configuration Profile Policy, lets administrators upload and distribute MDM configuration profiles to JumpCloud MDM-enrolled macOS devices. Use this policy to deploy certificates, WiFi settings, kernel extensions, and much more to enrolled Macs.
  • System Insights™ provides real-time reporting across Mac, Windows, and Linux systems managed by JumpCloud, adding robust monitoring for system configurations, software asset and hardware data, and security settings, accessible in the Admin Portal for at-a-glance insights and in the JumpCloud API for even more detail. Also, check out the JumpCloud Powershell module for a System Insights dashboard.
  • Remote System Agent Installation lets your end users install the JumpCloud System Agent on their local device from their User Portal, so you can onboard and manage employees no matter their location. 
  • The JumpCloud Mac App, like the JumpCloud Windows App, provides passwordless User Portal access for macOS users, removing the friction of credential re-entry after device login so they can get to their work resources faster and more securely (and eliminating email- and web-based phishing attempts by verifying credentials with JumpCloud at the device level).
  • JumpCloud’s list of ready-to-use Policies has expanded for deeper device management across Mac, Windows, and Linux. In addition to new software restriction and browser management policies for Windows OS, Windows admins can also use a new advanced feature to customize GPO-like policies with the Custom Registry Keys Policy. macOS admins can use the brand new MDM Custom Configuration Profile Policy to upload and distribute MDM configuration profiles to JumpCloud MDM enrolled macOS systems.
  • Linux admins will see new policies for increased server security for CentOS 7, and JumpCloud now supports Linux Mint 19 Cinnamon (64 bit) and Ubuntu 20.04. 

User Authentication & Identity Management

  • Find nearly 700 pre-configured SSO SAML connectors in JumpCloud plus an enhanced universal SAML connector you can use for any other apps that support SAML for authN.
  • We’re expanding SAML Just-in-Time (JIT) and SCIM provisioning to make it easier to manage user application life cycles. With JIT, when a user launches an app for the first time, their account is auto-created on the application service provider’s side. Our SCIM support is growing fast, with Slack being the first application we support. Salesforce and Atlassian support are coming soon.
  • Customize the JumpCloud User Portal with app bookmarks, descriptions, and app logos to optimize your employees’ experience finding and using web apps and other corporate resources.

Directory Integrations & Tools

  • Deeper G Suite & Microsoft 365 integrations let you import users from G Suite and Microsoft 365 right from the Admin Portal’s Users list, and you can now integrate more than one G Suite directory with JumpCloud (and Microsoft 365 coming soon).
  • JumpCloud’s Active Directory Migration Utility (ADMU) is the easiest way to leave AD or Azure AD for a modern cloud directory that supports both cloud and on-prem resources for remote and distributed workforces. The ADMU converts Windows non-local user profiles to local profiles which can then be managed by JumpCloud.
  • For organizations using JumpCloud combined with an AD instance, JumpCloud’s Active Directory Integration (ADI) feature extends AD user identities to cloud-based resources. ADI allows for complete remote management of AD users and groups via the JumpCloud Admin Portal, with a true bi-directional sync with Active Directory identities. User self-service password changes on Mac, Linux, and non-domain-bound Windows machines write back to AD.
  • The JumpCloud PowerShell Module now supports an expanded visual dashboard module for at-a-glance insights into key JumpCloud directory information and one-click access to export this information to CSV files. Find everything you need to get started with PowerShell, including copy/pastable example commands, in our PowerShell Library.

Building the World’s Largest IT Admin Community:

We recognize the burden that IT admins often shoulder: distributed and understaffed teams dealing with myriad technologies under tight budgets. We want to lighten their load, and empower teams as they shift to the new IT reality of a domainless enterprise. To do that, we launched new platforms for connection and new tools for learning:

  • For everyone from the JumpCloud beginner to the expert, we offer easy-to-follow, finish-at-your-own pace JumpCloud University courses. You have access to straightforward class sessions designed for everyone.
  • In the JumpCloud Lounge Slack channel, you can join IT admins using JumpCloud to discuss directory services, device management, or any other IAM topics.
  • We have JumpCloud Office Hours each Friday. This is an open community forum where IT professionals can gather with JumpCloud’s technical experts to talk shop about the current IT landscape. Each session features a moderator and a small panel of JumpCloud’s brightest minds who guide attendees through a series of questions sourced from conversations with our customers and from attendee suggestions. (DevOps.com recognized the value of these Q&A sessions and we trust that you will, too!)
  • The newly launched “Where’s the Any Key?” podcast interviews IT professionals on issues of the day, provides insights about their successes, and shares tips for best practices.
  • And for entrepreneurs looking for tips on startups, our co-founder and CEO Rajat Bhargava just released the second edition of the popular how-to manual, The Startup Playbook.

What’s Next

As we head into the second half of the year, we’re excited to build on the successes we’ve had so far and the market’s enthusiastic recognition of it. Having doubled our YoY employee headcount and raised over $90 million, we’re excited to keep improving the lives and capabilities of IT teams everywhere as we make remote work happen, and do it better than before (we set pretty high standards for ourselves!) We remain committed to a model of product-led growth and are planning on hiring hundreds of new JumpCloudians to support our efforts. Stay tuned for great new functionality and community growth. As always, let us know what you’d like to see.

Continue Learning with our Newsletter