Automate and Scale IT As You Grow

Q2 2022 Webinar Recap

Written by David Worthington on April 4, 2022

Share This Article


Contents


Top of Page

A day in the life of an IT professional is rarely ever the same. That’s especially true when your organization (or clients’ organization) grows and new challenges arise. JumpCloud recognizes how growth acts as an inflection point in how IT is managed, from the user identity lifecycle through to device management and reporting.

As such, we’re adding new enhancements that translate into greater usability for admins and users, and help to scale IT to make your operations more seamless. Ultimately, you’ll have a greater understanding of what’s happening across your organization, which helps to build a strong foundation for your team to accomplish more than ever.

We’re also excited to announce several new beta programs (a JumpCloud first) that will introduce significant new capabilities to greatly enhance your JumpCloud experience.

For example, you’ll be able to consolidate your IT workflows to make better use of your time with the following new features: a new asset directory called Remote Assist (it does just what it says) and a revamped admin mobile app. We’re seeking your engagement and contributions to these beta programs, and our new JumpCloud Community forum will serve as a sounding board for your feedback and ideas.

What’s New in Q2 ’22? 

This next section offers a high-level overview of what’s coming this quarter.

Automations

In Q2 2022, we’re delivering new JumpCloud features to make identity and verification easier. This comes to life through more accurate automations for staging and managing group memberships, broader interoperability with Google and Microsoft (or identity consumption from any other application), and several new methods to secure identities. 

New methods include delivering multi-factor authentication (MFA) everywhere, on every IAM service that we provide, and adding checkpoints to verify who users are along the way. Single sign-on (SSO) will be broader and more open, with support for OpenID Connect (OIDC) and ways to simplify and accelerate SSO adoption overall. JumpCloud delivers strong MFA that’s backed by rules that are tailored to the resources you need to access.

Unified Endpoint Management

JumpCloud will become a single pane of glass and source of truth for all assets that IT admins care about by delivering a full-stack endpoint management solution that treats mobile devices as first-class citizens, and includes expanded and more flexible reporting capabilities for easier compliance and activity logging.

Setting MSPs Up for Success

In the same vein, MSPs will receive even more integrations for billing and operations, as well as more flexibility to help their clients grow alongside JumpCloud.

The following offers a deeper breakdown of each of the new product area improvements.

Automating the Identity Lifecycle

Our objective is to automate the management of the identity lifecycle across all resources. That’s accomplished through several changes designed to simplify user creation and eliminate some extra work or workarounds that were necessary to create user identities. New user creation is also far less of a manual process, which helps to save time and reduce errors.

Attributes Accelerate Identity Onboarding

You’ll soon be able to govern access by selecting which attributes will be managed and the directional flow of a user’s identity for Microsoft 365 and Google Workspace. Another significant change is the ability to manage groups and edit memberships with M365. Directory integration becomes much easier and will allow you to migrate from Azure AD to JumpCloud with fewer steps involved.

Screenshot of the JumpCloud User Group dashboard with options to edit group names, group types, and names.
Screenshot of the Import User configurations in the JumpCloud console that allow for attribute mapping.

JumpCloud’s smart group suggestions, powered by attribute-based access control (ABAC), will become more accurate with the inclusion of these attributes, because attributes enable you to build customized group membership rules. Just imagine: you’ll no longer have to maintain nested groups! Automation also has security benefits, safeguarding against accidental overprovisioning or, worse, accounts that have been forgotten.

Screenshot of customizable membership suggestions inside the JumpCloud console.

Automated Workflows

We believe that it’s critical to build out automated workflows for our users. In fact, JumpCloud will ultimately become a platform of orchestration and automation, with triggers for any number of events (not just enrollment) that make life easier for IT admins. Admins will assign meaning to actions. User enrollment is among the initial areas of the platform where this ethos will surface.

One of the building blocks is to allow you to easily consume identities from apps with a token-based REST API. JumpCloud has built a generic HRIS REST API import connector, so identities can be imported from even more identity sources. The connector improves JumpCloud’s capacity to stage users’ onboarding and offboarding. 

For your convenience, we’ll be including pre-built integrations for Personio and Namely this quarter to help you scale efficiently and securely as your organization grows. JumpCloud announced a similar integration and partnership with BambooHR last quarter.

Screenshot of JumpCloud's custom identity management configuration options

Access Control

Authentication can involve something that you do, something you are, and something you have. Support for biometric authentication devices addresses each of those principles to secure your most critical resources. 

Our approach balances security with usability. Admins can turn on mobile biometric as an additional factor in JumpCloud Protect™ to protect critical resources. Users need to verify their identity using mobile biometric or passcode/PIN after approving the request.

JumpCloud multi-factor authentication prompt asking for face ID or password

MFA Everywhere

MFA only works effectively when it’s turned “on” and present in IAM solutions. JumpCloud is extending where and how our MFA operates to reduce the risk of unauthorized access. 

The statement “trust but verify, ” a pillar of Zero Trust security, now applies to all JumpCloud services with the introduction of MFA for LDAP and MFA for RADIUS. This will enable you to protect network gateways such as VPNs. Other use cases include securing access to your firewalls and network-attached storage. This JumpCloud Community post outlines how you’ll soon be able to add Push MFA when logging into a SonicWall device. That also makes it easier for IT teams to cope with personnel changes.

Our Zero Trust story is only growing stronger. JumpCloud engineers are in the process of making it possible for admins to combine RADIUS with digital certificates to identify and authenticate users, deploy machine identities and cloud identities in Q3 and beyond.

These capabilities add assurance that access control such as SSO remains secure.

Extended SSO

We’re pleased to be offering simplified and secure user access to more applications using a single identity with expanded protocol support for OpenID Connect (OIDC). OIDC extends the OAuth protocol to help your applications verify user identities and exchange profile information through OpenID providers. Application developers favor this lightweight approach because it’s highly scalable, flexible across platforms (especially mobile), and simple to implement.

We’re also delivering flexible SAML configurations with alternative mappings (SAML Subject NameID), and more pre-built application connectors. Some of those are listed below.

JumpCloud offers pre-built connectors for Oktogo, hyperexponential, Moodle, Hansoft, mongoDB, Malwarebytes, and Paylocity.

The features outlined above automate the user lifecycle at every touchpoint, which is significant because users access resources over many devices, no longer just a PC.

Device Management

Device management is receiving enhancements that will also extend automation and security cross-OS, everywhere your users are working. We’re launching Commands 2.0 to centrally manage desktop devices, we’re delivering extended deployment flexibility for Windows, and we’re extending mobile configuration governance.

Device management policy enhancements are being developed for Active Directory and Azure Active Directory in Q2 2022.

Together, these changes help IT teams migrate from AAD and AD as well as present an opportunity to consolidate multiple unified endpoint management (UEM) solutions into one product.

Commands 2.0

We’re making commands work better for admins to centrally manage all desktop operating systems with greater predictability and reliability. This is especially helpful for roaming devices. Commands will ultimately become tightly integrated with automated workflows.

The key changes for commands in Q2 are:

  • Setting the previous 10-minute job expiration to a default of 10 days from issuance
  • Selecting a TTL for every command that you issue, from an hour to 10 days
  • View the queue of commands as they execute on your devices in new ways; this provides visibility into which devices have yet to perform an assigned task
Screenshot of customizations that can be made to alerts through the JumpCloud Commands dashboard.
Screenshot of the Command Queue screen in the JumpCloud console displaying OS type, device status, and device information.

Mobile-Specific Enhancements

JumpCloud is leveraging Apple’s Volume Purchase Program (VPP) to more gradually manage how apps are delivered to iOS and macOS devices. With JumpCloud, it’s now possible to:

  • Assign apps from App Store and macOS
  • Control flow of corporate data into personal apps on managed open devices
  • Set a custom configuration for each app
Screenshot of JumpCloud’s Software Management dashboard displaying a list of applications running on an Apple machine.

Automation and Security

The JumpCloud platform is on a larger journey to establish presets for compliance baselines such as NIST and CIS Controls, and this quarter is laying the groundwork to make it possible. This means enterprise-level security will eventually be just a few clicks away and accessible to SMEs with JumpCloud. We’re starting with comprehensive cross-OS patching in Q2 and then moving toward high-priority apps. Commands and configurations will bring everything together to help you meet compliance standards. 

Unified Patch Management 

Most enterprises have heterogeneous fleets, running multiple operating systems. However, this real-life scenario isn’t always serviced by system management tools. JumpCloud is stepping in with a unified patch management console, offering full OS parity, beyond Windows desktops. Linux and Mac devices are a high priority for Q2, and we’re delivering an experience that’s best suited for each OS, to balance usability with security.

There’s now visibility into all Linux distribution OSs.

Ubuntu
  • Ubuntu patch management has been simplified
  • Flexible options to secure Ubuntu end-user workstations with both major and minor updates
Screenshot displaying the simplified dashboard for Ubuntu patch management with options to deploy major and minor updates.
macOS 

macOS patch notifications (or nudges) will receive new customization options, including:

  • Replacing the JumpCloud logo with a custom logo
  • Modifying notification text
  • Implementing different notification templates per use case (major vs. minor)
Screenshot of a software update prompt explaining where to click inside of the JumpCloud console to upgrade their OS.

Patch Policy Report

JumpCloud’s Reporting has been enhanced to reflect JumpCloud’s unified patching approach. OS Patch Directory Insights Events are recorded in an interface that enables you to view and filter updating events, export and share the overall patching history, and view the OS patch policy impact with the OS patch event explorer. Take a look at the overview of patch activity below.

Screenshot of JumpCloud’s OS Patch Data dashboard displaying the number of events each week in the last 90 days.

Remote Assist Beta

JumpCloud is in the process of testing a critical support escalation path for remote workers: integrated remote assistance. The obvious benefit is that IT teams will no longer have to invoice yet another tool. It also reduces overall administrative burden through IT tool consolidation. 

Remote Assist is built to be secure (and respect privacy) with a workflow that requires end users to enter a unique Session Key as well as grant permissions to share their desktop and control over input devices. Support admins will have the capacity to work from the command line to troubleshoot system problems.

Data Services

It should be easy to access your data within the appropriate context. Thousands of events can occur on a single device, so we’ve focused on surfacing the most pertinent information in a way that’s easy to understand, actionable, and offers the ability to share data (as required).

Asset Directory Beta

A common request we hear is to “please get us out of our spreadsheet.” Our objective with Asset Directory is to provide a single pane of glass and source of truth for all assets that IT admins care about. It starts with importing information from JumpCloud’s device details page, but you can also tag custom assets. The primary focus will be on devices, software, and SSO apps.

You’re in control of what’s cataloged with the following import options:

  • Import assets via CSV and View list of devices
  • Add asset attributes from device details page
  • Add custom asset attributes to devices
  • Import list of devices as assets via CSV file
Screenshot of a JumpCloud prompt explaining that the user must download a template before uploading a CSV.

Homepage 2.0

JumpCloud’s console helps you to work more effectively with the inclusion of widgets that offer “at a glance” visibility into events that require your attention. An investigation page drills down into the appropriate mediation options. The watchwords are: alert, investigate, remediate.

The first round of new widgets will include:

  • User lockouts
  • Expired passwords
  • Upcoming expired passwords
  • Unencrypted devices
  • New users (past 7 days)
Screenshot of the welcome screen in the JumpCloud console displaying user and device metrics, lockouts, and notifications.

Reporting

Reporting will be focused on information that admins should know in terms of what’s occurring within their IT infrastructure. That’s significant given the increased threat environment from recent world events. New reports include New Users to SSO Applications and an OS Patch Compliance report.

New Users to SSO Applications Report 

Screenshot of the SSO dashboard with featured applications AWS, Slack, Google Workspace, Microsoft 365, and Atlassian Cloud.

Reports are being targeted to some of the most vital pieces of information for Zero Trust. Having visibility into which identities are accessing which applications helps to validate access.

  • This report lists which users have access to each SSO Application managed via JumpCloud
  • Allows admins to quickly provide an accounting of SSO Application access for audit or other reporting purposes
  • Further augments JumpCloud’s Users to Resource reporting category

OS Patch Compliance Report

Screenshot of the Policy Management dashboard in the JumpCloud console displaying macOS early adopter configuration options.

This report:

  • Lists all the devices that adheres to a specific policy along with Policy Status and OS Version installed for each device
  • One report for each policy available
  • Is available via JumpCloud APIs as well

Stored Reports Queue

JumpCloud is making it possible to export, store, and download reports at a later time. The practical benefit for JumpCloud users is the ability to return later to reports that take longer than usual to complete. All reports are now retained for a seven-day period.

MSP: Multi-Tenant Portal (MTP)

The MTP is being extended for our MSP partners’ business needs. New integrations for billing and increased visibility into your client base are being added this quarter. For instance, MSPs will be able to allocate licenses across their organizations, or allow for overages. That means it will be easier to manage client growth with fewer orders and billing adjustments.

The integrations we’re delivering in Q2 are:

  • Autotask PSA billing integration to monitor factors such as Cost Per Seat and High Water Mark on a daily basis
  • ConnectWise Manage support is also coming soon

Test JumpCloud’s Latest Features

JumpCloud Community is a new resource to ask questions about our beta program and collaborate with your peers about the new platform enhancements and our roadmap. We take customer feedback very seriously and your needs dictate our feature improvements. Our goal is to ensure that we’re solving problems for you and being responsive to your requirements.

David Worthington

I'm the JumpCloud Champion for Product, Security. JumpCloud certified, security analyst, a one-time tech journalist, and former IT director.

Continue Learning with our Newsletter