Google Workspace and JumpCloud are better together. That’s why the companies partnered to bring access control, identity, and device management to small and medium-sized enterprises (SMEs) that use Workspace. JumpCloud features a pre-built cloud directory sync that makes it possible for admins to automate user lifecycle and provisioning. This article outlines how the integration works and how it makes “single pane of glass” management a reality, backed by JumpCloud’s frictionless authentication that secures access to every IT resource.
Integrating Workspace and JumpCloud
The integration provides secure and consistent connectivity between JumpCloud and Workspace. IT admins can automatically provision new JumpCloud user accounts into Workspace and synchronize specified user attributes from JumpCloud to Google accounts. JumpCloud can be used to manage distribution groups in Workspace with dynamic groups automating group memberships.
Conversely, admins have the option to import users from Workspace into JumpCloud while keeping group membership and organizational unit management within Workspace. JumpCloud and Google provide optionality for admins to decide what the best solution is for their organization.
JumpCloud can serve as the identity provider (IdP) and use groups to provide single sign-on (SSO) into web apps using SAML and OAuth. It manages access to other on-prem IT resources such as Wi-Fi networks and network appliances using the LDAP and RADIUS protocols. Multi-factor authentication (MFA) is environment wide with options for modern, passwordless authentication as well as targeted conditional access rules for your privileged users. JumpCloud has the added benefit of deploying cross-OS device management via groups, ensuring that unmanaged devices can’t access your resources, including Workspace.
It all begins by configuring cloud directory sync.
Technical Resources
The following articles instruct admins on how to successfully integrate Workspace and JumpCloud.
Google Workspace Integration Guide
Single Sign-On with Google Workspace
Syncing User Attributes to Google Workspace
Use SSO Mandating Google Work Space Passwords on Specific OU(s) and Groups
Advanced Lifecycle Management
Let’s presume that you’ve integrated Workspace with JumpCloud’s open directory platform. You’re now ready to reap the benefits of this integration by streamlining identity lifecycle management. Lifecycle management ensures quick, accurate provisioning of users to resources while maintaining mature entitlements management. That’s possible because JumpCloud and Google both use dynamic groups that leverage user attributes to automate group memberships. JumpCloud can also import attributes from other sources such as your HR systems.
Workspace Distribution Group and Service Assignments
Workspace uses distribution groups to manage communication and collaboration such as:
- Leverage group aliases for email distribution
- Invite all group members to video conferences
- Restrict sharing content to members such as calendars, documents, sites, and videos
- Collaborate using Google Groups
JumpCloud’s dynamic groups can propagate distribution group memberships in Workspace and grant specific permissions to ensure confidentiality. Memberships can be partially or fully automated or directly assigned by admins. JumpCloud, serving as the IdP, provides SSO to all Workspace resources (and beyond) with MFA and/or optional access policies.
JumpCloud includes a decentralized password manager to create, store, and protect credentials.
Devices as a Gateway
Your Google identity becomes your new perimeter. JumpCloud couples identity and access management (IAM) with device management for Android, Apple, Linux, and Windows endpoints. Device postures and dynamic groups provide (and secure) access to your resources, which helps admins at SMEs to adopt and implement simplified Zero Trust security strategies.
- JumpCloud provides agentless approaches for Android devices through Enterprise Mobility Management (EMM) and mobile device management (MDM), respectively. Apple devices can even be provisioned via zero-touch enrollment. Windows MDM is also available now to provide a self-service device onboarding workflow using the latest device enrollment and management capabilities offered by Microsoft.
- Agents execute pre-built policy templates and root-level commands for Apple, Linux, and Mac endpoint security and compliance. JumpCloud collects telemetry that can be processed into curated reports, and is aggregated by JumpCloud’s System Insights tool. The agent makes it possible to include unlimited remote assistance through the JumpCloud admin portal as well as optional OS and browser patch management.
- Optional conditional access policies deploy certificates to ensure that only managed devices are capable of accessing your most valuable resources.
Unify IT Management with JumpCloud
Unifying identity and device management will enable your organization to reduce costs, improve operational efficiencies, strengthen cybersecurity, support workplace and digital transformation, and reduce the pressure on IT admins and security teams. It’s easy to get started: sign up for a trial of JumpCloud today.