By Greg Keller Posted August 24, 2016
IT organizations are adding important new criteria when making purchase decisions pertaining to infrastructure and SaaS solutions. Security and trust have become a critical part of the equation. This is especially true of Directory-as-a-Service® where security and trust are foundational to this class of infrastructure.
Focusing In on Security & Trust
Security looked very different when it only had to protect completely on-prem environments. IT organizations largely created a moat around their infrastructure and leveraged a demilitarized zone (DMZ) for their publicly facing services such as email. Generally, directory services were located at the center of their IT infrastructure. As a result, remote equipment and workers needed to leverage a VPN to connect to the internal network. This added more work and effort. The security model was tightly aligned to the IT approach because everything was either on-premises or connected into the center of the network.
Directory-as-a-Service Stretches Security Strategy to the Cloud
As the IT landscape shifted to the cloud and heterogeneous environments, the security model started to change. While each platform needs to be independently secured, there also needs to be an overarching strategy. Controlling user access to all IT resources must be a core part of the security strategy. Historically, solutions such as Microsoft Active Directory or OpenLDAP were leveraged to help control user access. Unfortunately, with a variety of different platforms, locations, and protocols in use, these legacy directory services struggle with the cloud. A new generation of cloud-based directory services is reimagining AD and LDAP. Directory-as-a-Service is built to work in a cloud environment and from the cloud, securely.
Two Areas Of Expertise: Strengthening Security And Building Trust
Directory-as-a-Service features a number of different techniques that build trust and deliver strong security to organizations that leverage the cloud-hosted directory. These techniques include a hardened infrastructure, one-way hashing and salting of passwords, and mutual TLS for all communications. Along with systematic security processes, such as vulnerability scanning and penetration testing, the JumpCloud Directory-as-a-Service platform is designed to step-up an organization’s security. A number of customer-facing security features are part of the platform. They include password complexity and rotation capabilities, multi-factor authentication, and logging of event data. JumpCloud’s platform is also examined annually against the SSAE 16 Type 1 SOC 2 standard.
Drop us a note to learn more about the steps that JumpCloud is taking with its Directory-as-a-Service platform for security and trust. Finally, feel free to experiment with the JumpCloud platform and see the security features for yourself.