Leveling the Playing Field for SMEs
Creating Scalable Seamless Experiences Through IT Unification
Ask anyone responsible for keeping IT up and running for small and medium-sized enterprises (SMEs) – the world has changed. And as SMEs strive to compete with larger companies for customers, partners, and employees, that change is ushering in some new challenges for the future.
The Stakes Are High for SME IT
For the past two decades, digital transformation, cloud migration, and the consumerization of IT have been driving the demand for more flexible, frictionless, and on-demand services. For example, users from around the world can collaborate on a Google Doc, regardless of whether they are on a Windows laptop or an iPhone. These are the kinds of scalable seamless experiences that customers, partners, and employees have come to expect. And the demand has only been accelerating during the past two years of remote work.
But it’s not just individual success that’s at stake. We need SMEs to succeed if we’re to find new post-pandemic prosperity. According to the United Nations Conference on Trade and Development, SMEs are critical to our economic recovery. And in order for SMEs to succeed and thrive, they need to attract and retain the best talent—high-performance talent is more than 400% more productive than average.
Scalable seamless experiences are those services that are able to grow with a growing business, whether that is 15 employees or 1,500. Automation, integration, transparency, flexibility, and ease of use are all hallmarks of scalable seamless experiences.
Scalable seamless experiences enable organizations to inspire employee confidence in their culture, such that their employees become brand ambassadors. This positive experience is paid forward directly to customers and partners, who benefit from the higher quality effort that comes from each employee’s contribution to the organization at large. Best of all, organizations can close the gap between security and productivity, enabling their IT admins to achieve both without the need for additional resources.
What’s more, startup culture influenced SMEs for so long that certain amenities became practically required for attracting and retaining talent, such as fitness centers, beer taps, and pingpong tables. But the allure of these attractive office spaces has been diminished since the pandemic forced many to work from home, opening their eyes to a new set of workplace amenities and perks.
Employees now value remote work, flexible hours, and bring your own device (BYOD) more than on-premise amenities. In fact, many employees would sooner quit their job than quit working remotely. In short, they value the sort of work-life balance and enjoyable working conditions that can only be achieved through scalable seamless experiences.
And the benefits to remote work weren’t one-sided: remote organizations enjoyed higher productivity and significant cost savings. Now, many remote organizations do not plan to return to the office at all.
What Survival Looks Like in the Long Term
According to The Role of IT Managers in Post-Pandemic Recovery for SMEs, the ongoing management of remote workers has been the biggest challenge to their IT team since the start of the pandemic—nearly two-thirds of SME IT workers feel overwhelmed trying to manage remote work. SME IT admins have a hard job that has only gotten harder during the pandemic. The complexity of remote work and its security risks are increasing faster than budgets. Like everyone else, IT admins want scalable and seamless services that can reduce their workload.
And while many businesses focus almost exclusively on how to create compelling digital experiences for their customers, what is really interesting is how important the employee experience is to the individual and collective success of SMEs. Nine out of 10 SME IT professionals agree that the employee experience is an important factor when making IT purchasing decisions. IT admins want technology that unifies their existing stack, enables remote work environments, and is easy to use. Clearly, SME IT professionals are concerned with seamless experiences for their users as well as themselves.
With the urgent transition to remote work behind us, SMEs must now plan for the long-term future of work—a future defined by the “work from anywhere” mandate. The majority of workers indicate they want more flexibility in their work schedules, work locations, and how they get work done. It is clear that SMEs need to modernize their infrastructure to support remote work as seamlessly as they once supported their offices; the clearest and most direct path to a modernized infrastructure is through IT unification.
IT unification is the process of identifying a platform (or suite of interrelated technologies) to become the core of your IT stack, incorporating it throughout your stack, integrating with critical systems that surround your stack, and finally consolidating around the core by shedding irrelevant or unnecessary legacy tools.
IT Unification: A Path to Seamless Experiences
IT needs to be able to support employees spread across the globe, operating systems spread across devices, and company resources spread across the cloud. Organizations need to invest in the right IT infrastructure, but unfortunately most legacy solutions, while comfortable and seemingly entrenched, are not typically flexible or compatible with modern solutions, making it challenging to integrate or consolidate around legacy infrastructure. Thus, legacy technology can hamper an organization’s ability to unify its stack and develop a competitive edge.
For one, device management has become much more complex compared to the traditional all-Windows shop. To maintain the pace of a modern IT ecosystem, IT admins need a modern device management system that enables them to view what software and apps are installed on remote devices, and to control, monitor, manage, and update all of it seamlessly without interrupting users. This sort of modern device management is also beneficial to maintaining compliance and passing audits.
In addition, legacy architecture tends to be fairly scattered in terms of vendors and solution types, which can create data duplication, brittle integrations, and data siloing. While keeping functionality and systems contained within one platform streamlines both management and the end-user experience, a scattered architecture made up of components that have been gathered ad hoc over the years tends to do the opposite. SMEs often find they need to consolidate to deliver seamless experiences and scale.
Scalable seamless experiences mean employees can be more productive, customers and partners can be more engaged, and IT staff are free to work on more meaningful projects. But first, organizations must overcome the inertia of legacy solutions.
Active Directory – A Monolithic Solution in a Distributed World
Many IT admins wind up using Active Directory to manage IT resources because they feel like they don’t have a choice. Unfortunately, that means many employees wind up without a choice when it comes to how they work. That can be a sore spot for organizations trying to compete in an increasingly open and flexible world.
Active Directory (AD) is a behemoth built for legacy environments. AD was developed late last millennium to replace Windows NT domains, a domain management and user authentication solution that had a few performance issues of its own.
But as time marches on, digital transformation and cloud migration trends have resulted in Microsoft adding layers upon layers to retrofit AD for modern architectures – or worse, ignoring them completely.
And just like any behemoth, AD is slow-moving and riddled with blind spots. AD was designed for the historic network operating system model that is now largely obsolete.
The trends of the past two decades have been further catalyzed by the shift to remote work. Employees want the seamless experience of working from anywhere on any device, but AD doesn’t always support that goal.
“When COVID hit, we were – from a user and account management standpoint – not ready for it,” said Mitch Anderson, director of systems engineering at Boulder Heavy Industries. “That really moved us forward to accommodate this strange occurrence where everyone’s now remote. They’re not connecting to the VPN reliably, and any time there’s a password issue it’s a nightmare and a half to get them back online.”
Even before the realities of remote work became the new normal, IT admins struggled with AD when they wanted to use non-Microsoft resources, such as Google Workspace or Apple devices. macOS adoption has increased more than 300% in the past 10 years and a quarter of organizations are completely cloud-based. AD tethers organizations to the Windows domain at a time when flexibility and choice are at a premium.
When it comes to cloud services, Active Directory lacks native integration with web-based applications (via SAML) or infrastructure (like Amazon Web Services). In heterogeneous environments, AD lacks native endpoint management, group policy functions, and multi-factor authentication (MFA) for both Mac and Linux. AD is a monolithic solution that is ill-suited for modern environments.
Even Azure AD, Microsoft’s cloud-based directory offering, is intended to function as an extension, rather than a replacement, of an on-prem AD instance. Azure AD incorporates more cloud functionality into its stack, but it has limited directory management functionality when compared to AD, including the loss of group policy management, organizational unit management, and legacy authentication functions like LDAP and Kerberos.
Microsoft’s cloud-based version of a domain controller, Azure Active Directory Domain Services (AADDS), solves some of these problems by offering a full directory that doesn’t rely on on-premise infrastructure. However, it too comes with its share of limitations, like more restricted administrative privileges.
Because of these gaps, organizations have frequently had to invest in additional mobile device management (MDM) and identity and access management (IAM) solutions, which usually require additional identity bridges and connections to implement and manage. And that, in turn, just complicates the user experience.
Sapling, an HR automation service, found that its IT team was spending much of their time managing and integrating a complex mix of IT solutions, as well as managing users. They were using multiple point solutions for IAM, MDM, single sign-on (SSO), and password vaulting. The team once spent more than 60 hours in one month on provisioning activities. “Picking the best-of-breed tool in each area sounds good because you can get the best from each, but the problem is that you need to have enough experts,” said Ramesh Doddi, vice president of engineering at Sapling. “Instead of one person, you need to train three people in three different areas, and then afterward you need to build leadership around it. The cost footprint around it grows.”
Cabify, the Spanish ride-sharing company, wanted to manage user access and cybersecurity for more than 1,500 employees. AD represented a major roadblock because it was incompatible with Windows Home Edition, which accounted for about 80% of Cabify’s PCs. The remaining 20% were Mac and Linux, which were also not supported by AD. “With a company like ours, implementing Active Directory would have been like putting a big dinosaur in the middle of the room,” said Enrique Salgado, global IT director at Cabify.
Cloud-Based Directory Services – One Directory for All
But there’s a new approach that avoids these additional costs and complications. JumpCloud’s solution is to enhance AD—or replace it entirely—by extending directory services to virtually any resource (and in so doing offering the freedom of choice to IT managers and the employees they support). In fact, JumpCloud’s solutions have been developed from the ground up with lightweight modern standards, enabling more speed and flexibility when agility is a competitive advantage. After all, no one wants to tell their all-star DevOps team that they can’t use Linux or their CEO that they can’t use a MacBook.
The fact that AD does not connect to cloud or non-Microsoft resources natively means that IT admins have to supplement AD with additional directories in each application or on each service, which require time-consuming manual processes to manage. Managing multiple directories and identities per employee through a collection of third-party services is both inefficient and insecure.
That’s why JumpCloud’s solutions enable organizations to unify their entire IT stack, replacing AD, MDM, and IAM solutions with an all-in-one access control and device management solution. With JumpCloud, SME IT admins can securely connect their users to virtually all of their resources with a single identity. That means their users can use any service on any application from anywhere, no problem.
JumpCloud also enables organizations to centralize their identities, manage access, control device settings, and more. And because it is cloud-based, there is no hardware required—that means lower costs and less complexity. That is especially beneficial for IT admins of rapidly scaling businesses that would rather focus their resources elsewhere.
“It’s been nice having centralized control over our global IT environment. We have 30+ offices across 12 countries, and there are only seven of us in IT. Some of our offices don’t have their own IT department, so we have to manage their environment remotely. It’s been incredibly helpful to have a cloud directory service with a web-based console that enables every Cabify IT administrator to easily manage an office’s IT environment regardless of where the office is,” said Salgado.
It’s an approach that’s been carefully crafted to enhance not just the employee experience, but the IT manager’s experience, as well. JumpCloud empowers IT admins to provision user identities and access to applications through SAML, Just-in-Time (JIT) provisioning, and SCIM, enabling easy integrations with resources typically out of reach for AD. JumpCloud supports Windows, Mac, and Linux authentication and provides group-based access and policy management to control device settings. Organizations can enforce MFA and use conditional access controls to enforce Zero Trust device security.
What’s more, JumpCloud makes it easy to migrate Windows systems from existing AD environments with its Active Directory Migration Utility (ADMU). Alternatively, organizations that aren’t ready to rip-and-replace AD can extend it with JumpCloud Active Directory Integration, which connects on-premise AD identities to domain and non-domain resources alike, such as Mac and Linux devices, cloud services, and more. With a bi-directional identity sync, AD Integration enables organizations to tackle their roadmap of consolidation at a pace that works for them; while they systematically incorporate and integrate the JumpCloud platform throughout their stack, they can fully manage their AD users remotely from the cloud. That’s a pretty big deal in an era of remote work.
“JumpCloud is really empowering us to let our people work from anywhere,” said Anderson.
In short, JumpCloud really does offer one platform for all. Whether in the cloud or on-prem, organizations can securely manage identities, devices, and access, all from a single platform, regardless of where employees work. That means organizations can eliminate extraneous point solutions they need to manage non-Microsoft products like Google Workspace, macOS, Zoom, or Slack.
So think about it. What is the real cost of AD to your organization? Besides the obvious costs of hardware and software, AD requires additional investments in things like maintenance, add-on software requirements, and network equipment, plus the time required to manage it all. But the JumpCloud directory platform offers a cost-effective solution that covers all aspects of managing your identity, device, and access in one consolidated platform—no point solutions required. Employees can work however they like with no hassles for IT admins.
“We use the time we save using JumpCloud to build experiences for our customers,” said Doddi.
Onboarding Employees – A Lasting Impression
Everyone knows that first impressions matter. Unfortunately, 5% of employees will quit after a disastrous first day, and 20% of employees will quit within the first 45 days. The National Federation of Independent Business reports that 40% of businesses have trouble filling open positions. That can cause a lot of unwanted turbulence with customers, partners, and other employees.
That’s why employee onboarding is such an important process. New employees expect access to whatever applications and services they need to be successful, but provisioning new users and devices can become a very time-consuming manual process for IT admins. It is a source of friction on both sides of the aisle.
Organizations should be eager to empower their employees to succeed from day one, which means that IT teams need to make certain new employees have the right access to the right applications (while limiting access where it isn’t needed). Documenting role-based policies can help manage this process, but it still adds complexity since different departments have different access requirements.
Traditionally, IT admins must maintain and install a master disk image (i.e., a gold image) with the appropriate applications and configurations on each device before it is ever touched by a new employee. Usually this involves physically ordering and configuring the device before handing it off to the user.
With this process, an IT admin would need to obtain the employee’s information, such as name, title, and department, their access and application requirements, and so forth. Then they would need to order a new device or retrieve one from storage and manually configure it. After that comes more installation of software and the creation of new accounts for cloud services, as well as user licenses and authentication for each application. Finally, the machine would be ready for delivery to its new user.
This traditional onboarding method involves a lot of box-checking, validation, and record-keeping. By the end of it all, IT admins can spend hours manually provisioning a new employee. That doesn’t sound very scalable (or enjoyable) when growing companies may add numerous new employees each month. And remote environments further complicate the process.
Working from anywhere has made onboarding employees more difficult. Unfortunately, device management tends to be an office-based process since IT admins need to physically retrieve laptops from storage or manually provision them. What’s more, millions of new employees have never been in physical contact with their co-workers, and that includes their IT admins.
Onboarding can feel like a full-time job, but what happens when an IT admin gets pulled into another urgent project or has too many employees joining at once? A disappointing number of employees have shown up to work on their first day without a laptop ready for them—that is certain to leave the wrong first impression. The physical IT onboarding model can create a roadblock for new employees that are eager to work while simultaneously draining IT teams of their time and attention.
JumpCloud Zero-Touch Enrollment streamlines onboarding with a seamless experience that accelerates new employee provisioning from hours to minutes. New employees are amazed by the polish and prestige of the process. IT admins are relieved to eliminate another time-consuming manual process as their business continues to scale. In fact, IT admins may never even need to lay their hands on the device.
JumpCloud also combines a powerful device management system with identity management and SSO, so that IT teams can manage their entire onboarding process from a single, cloud-based console. Windows, Linux, and macOS devices can all be deployed, configured, and managed from anywhere, to anywhere. That gives employees the flexibility to work however they want to help attract and retain the best talent.
IT admins can automate user and device settings for Mac, Windows, and Linux machines by grouping new employees with the team they are joining to grant access to the applications and services they need to make work happen. These pre-configured settings save time for the new employee and IT admins alike.
“We can provision users and assign them directly to the device without touching the machine,” said Brian Coleman, founder of Matchstick Birmingham, an IT consulting and contracting firm in Birmingham, Alabama. “It’s a game changer to be able to create and provision new users no matter where they are—especially now, with the pandemic and offices essentially going away.”
JumpCloud even enables IT admins to send a new Mac to a remote worker without ever having to touch it. When the new user unboxes their Mac, their initial login unifies their identity with their device, configures the device, and gives the user appropriate access to all corporate resources through their JumpCloud credentials.
It’s that simple. As soon as the new employee connects for the first time, everything happens automatically—configurations, software installation, security settings, and more. Manual provisioning that could take hours is completed in minutes. This is a serious wow factor for new employees and it enables them to get to work immediately.
In short, JumpCloud helps you create an amazing first impression with your employees by eliminating the risks, complexities, and costs associated with creating and managing users’ identities across multiple systems. IT admins can streamline their solutions by integrating advanced device management capabilities with JumpCloud’s platform, eliminating the need for separate MDM and IAM solutions.
YellowDog, a growing studio in Denver, recently found itself facing an outdated, unscalable approach to onboarding and managing devices. Onboarding and adjusting devices was becoming a full-time job for co-founder Dan Mulligan. To manage the increasing number of Mac and PC devices, YellowDog turned to JumpCloud.
“I’m able to change things that would have taken a lot longer before,” said Mulligan. “This has just made the whole process so much easier. If an employee needs to access certain servers or resources, I can rewrite access pretty much immediately.” And as for onboarding, “New hires walk in and their desktops are ready to go,” he explained.
Device Management: A Complex Challenge
The new prevalence of remote and hybrid-remote workplaces has diversified the types of devices organizations use and changed what it takes to secure them.
Non-Windows devices are no longer confined to developers and picky CEOs; in fact, a past survey of IT SMEs found that only about 68% of the devices in SMEs were Windows. In addition, BYOD policies have made smartphones and tablets more common in the workplace. With many organizations maintaining at least a partially remote structure, companies need to manage an increasing number and diversity of devices connecting from anywhere.
To further complicate things, workplaces are no longer defined by a one-device-per-employee setup. Employees may answer emails on their laptops during work hours and on their personal smartphone after hours; some employees use different devices for different tasks, and some use their personal device as their main work device. This wide variety of use cases, combined with the fact that not all devices are connecting to the network from the physical office, makes it difficult to keep track of the devices accessing corporate resources, let alone secure them.
From the perspective of a bad actor, these decentralized environments create a larger attack surface area with more pathways to the corporate infrastructure. And although some SMEs might think they’re too small to be a meaningful target for hackers, the data would beg to differ. More than half of mid-market companies have experienced a breach, and 40% of those breaches have caused more than eight hours of downtime—a whole workday. That is some serious friction for customers, partners, and employees that can result in lost revenue and diminished productivity.
However, security isn’t the only consideration when it comes to managing mobile devices; companies need to respect employees’ personal privacy as well. Using a device for both personal and work activity introduces the possibility of an employee’s personal data being exposed to their employer. This is a significant concern for employees; a company’s failure to respect employee privacy can reduce satisfaction and retention rates.
Balancing security and privacy is critical when managing mobile devices—and organizations can’t afford to compromise one for the other. To power seamless growth, this balance needs to be easy to implement and repeat. That’s where MDM tools come in.
Secure, Scalable Device Management
MDM has become a critical solution to these challenges and a necessity for remote and hybrid SMEs. MDM offers companies the security tools they need to keep all devices accessing corporate data safe while maintaining users’ privacy. Automation makes these capabilities repeatable and seamless, facilitating a scalable, easy-to-manage device environment.
With JumpCloud’s MDM tool, companies can track, configure, and control devices that access their corporate data. It’s platform agnostic, allowing IT admins to manage macOS, Windows, Linux, iOS, and iPad systems, and it combines with the JumpCloud cloud directory platform for unified security and management. Organizations can embrace freedom, flexibility, and choice without any added complexity. And employees can use any device and continue to work remotely—enabling the modern approach to work they have come to expect.
As the lines between personal and business devices become blurred, MDM programs must account for the employee experience to be sustainable and cultivate employee buy-in. The level of control over devices should correspond with device type and who ultimately owns the device. This helps ensure security and scalable device management without creating a cumbersome or uncomfortable experience for employees.
Employee-owned BYOD devices, for example, should allow the employees to retain privacy and autonomy over their personal data on those devices. JumpCloud’s MDM platform enables this privacy and autonomy by allowing voluntary enrollment for users, separating corporate and personal data, blocking the company from viewing or accessing personal data, and offering employees the option to unenroll at any time without losing personal data.
On the other hand, MDM programs for corporate-owned devices can be much more extensive. For corporate-owned devices, JumpCloud allows companies to specify password/passcode complexity requirements, restrict usage, configure the device remotely, lock and wipe the device remotely, and schedule and track updates.
Update and patch management are key components of facilitating scalable security with MDM. JumpCloud’s MDM makes updates manageable and predictable at a large scale so that organizations can remain secure and productive without having to risk downtime during critical business hours.
With JumpCloud’s MDM, IT admins can schedule updates overnight, over the weekend, on shutdown, or on restart. They can also send out update prompts to employees to schedule at their convenience and block updates on devices that aren’t ready to receive them yet. And to keep everything transparent, IT admins can view devices’ update and patch status at a glance, including pulling quick insights like what percentage of devices have implemented the latest patch. In short, it makes updates easy to implement for the user and easy to manage for the admin.
A holistic view of your IT environment enables more informed decisions without impacting productivity. Remote management ensures maximum uptime and security without the need for devices or admins to be physically present—and that’s a big deal in the work-from-anywhere era.
Passwords: Vulnerable from Day One
The first computer password was created in 1960 by a group led by Fernando Corbató. And one year later, the first theft of a computer password was perpetrated by their colleague, Allan Scherr. (He wanted more time on the computer than they were willing to give him.) Today, stolen passwords are the number one source of data breaches. Hacker forums are full of passwords for sale. And the work-from-anywhere model has made it even worse.
Even the process of remembering and resetting passwords can cost an organization $5.2 million in lost productivity. When it comes to seamless experiences, passwords are one of the most imperfect systems that still exist today.
The real problem with passwords is that they are everywhere. We need a password to log into our devices. We need a password to log into our email. We need a password to log into our cloud services. Sometimes we even need a password to log into our vault of passwords. The list goes on. So it should come as no surprise that more than half of employees reuse their passwords across business and personal accounts, creating even more vulnerability and loss of control for IT managers.
Unfortunately, password reuse leaves organizations vulnerable to credential stuffing, where a hacker obtains a list of usernames and passwords from one breach and uses them to try breaking into other accounts. Even when passwords aren’t reused, they often tend to be weak. (It’s even worse when people reuse weak passwords!)
For example, the three most common passwords in a massive LinkedIn password leak were “123456,” “linkedin,” and “password.” Shocking, but true. Weak passwords leave organizations vulnerable to password spray attacks, where attackers automate the process of trying to log in with these common passwords.
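From the defender's side, credential stuffing and password spraying leave a recognizable shape in authentication logs: one source failing against many accounts with only a try or two each. The following is an added example, not code from this paper or from JumpCloud; the log format, thresholds, and function names are assumptions, and the sample events are constructed using documentation IP ranges.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample auth log: timestamp, source IP, username, outcome.
SAMPLE_LOG = """\
2024-05-01T09:00:01 203.0.113.7 alice FAIL
2024-05-01T09:00:11 203.0.113.7 bob FAIL
2024-05-01T09:00:21 203.0.113.7 carol FAIL
2024-05-01T09:00:31 203.0.113.7 dave FAIL
2024-05-01T09:00:41 203.0.113.7 erin FAIL
2024-05-01T09:00:51 203.0.113.7 frank SUCCESS
2024-05-01T09:05:00 198.51.100.20 root FAIL
2024-05-01T09:05:05 198.51.100.20 root FAIL
2024-05-01T09:05:10 198.51.100.20 root FAIL
2024-05-01T09:05:15 198.51.100.20 root FAIL
2024-05-01T09:05:20 198.51.100.20 root FAIL
2024-05-01T09:05:25 198.51.100.20 root FAIL
2024-05-01T09:05:30 198.51.100.20 root FAIL
2024-05-01T09:05:35 198.51.100.20 root FAIL
2024-05-01T09:10:00 192.0.2.15 alice FAIL
2024-05-01T09:10:20 192.0.2.15 alice FAIL
2024-05-01T09:10:45 192.0.2.15 alice SUCCESS
"""


def parse_events(text):
    """Parse 'timestamp ip user outcome' lines into tuples, skipping malformed ones."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, ip, user, outcome = parts
        events.append((datetime.fromisoformat(ts), ip, user, outcome))
    return events


def classify_sources(events, window=timedelta(minutes=10),
                     min_accounts=5, max_per_account=2, brute_threshold=8):
    """Label each source IP by the shape of its failed logins in a sliding window.

    spray-like:       many distinct accounts, at most a couple of tries each
                      (the log shape of both password spraying and credential stuffing)
    brute-force-like: one account hammered repeatedly
    Thresholds are illustrative assumptions; tune them against real traffic.
    """
    failures = defaultdict(list)
    for ts, ip, user, outcome in events:
        if outcome == "FAIL":
            failures[ip].append((ts, user))

    verdicts = {}
    for ip, rows in failures.items():
        rows.sort()
        counts, left, verdict = Counter(), 0, "normal"
        for ts, user in rows:
            counts[user] += 1
            # Drop failures that have aged out of the window.
            while ts - rows[left][0] > window:
                old = rows[left][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                left += 1
            if len(counts) >= min_accounts and max(counts.values()) <= max_per_account:
                verdict = "spray-like"
                break
            if max(counts.values()) >= brute_threshold:
                verdict = "brute-force-like"
                break
        verdicts[ip] = verdict
    return verdicts


def accounts_to_review(events, verdicts):
    """Accounts that logged in successfully from a flagged source: reset and investigate."""
    return {user for _, ip, user, outcome in events
            if outcome == "SUCCESS" and verdicts.get(ip, "normal") != "normal"}


if __name__ == "__main__":
    evts = parse_events(SAMPLE_LOG)
    result = classify_sources(evts)
    print(result)
    print("review:", accounts_to_review(evts, result))
```

A successful login from a flagged source is the event that matters most: it suggests a guessed or reused password worked, which is exactly the case MFA is meant to contain.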
But even if employees do their best, organizations are still vulnerable to social engineering, brute force attacks, and other advanced techniques. Two-thirds of users (even IT admins) admit they share passwords. These shared accounts lack individual ownership and accountability, which opens the door for insider attacks. That could seriously disrupt business when it comes to accessing privileged cloud infrastructure or Linux environments.
So it’s easy to see why IT admins and employees are suffering from password fatigue. They’re wasting an average of 10.9 hours per year entering and resetting their passwords. Employees may forget their passwords, or compliance policies may require them to be changed every 60-90 days. When employees are used to many of their favorite personal apps and social media sites keeping them logged in indefinitely, dealing with passwords all the time at work seems pretty antiquated by comparison.
Despite passwords being hard to remember, they’re easy to steal—which means oftentimes they end up doing more good for hackers than the people they’re meant to protect. From Bill Gates to Allan Scherr, the industry has been predicting the death of passwords for 20 years. When passwords are the only way to authenticate a user, organizations are leaving themselves vulnerable to attack. Fortunately, we’re starting to wake up from this horrific dream state and beginning to embrace a new paradigm—passwordless security.
Reducing Reliance on the Password: Single Sign-On and Multi-Factor Authentication
As passwords decline in effectiveness, organizations are turning to alternative methods to bolster the password’s security or even eliminate the password altogether in favor of something more secure. Multi-factor authentication (MFA), single sign-on (SSO), and passwordless authentication hardware are top avenues to heightening security by eliminating reliance on the password.
The Center for Internet Security recommends MFA as its first choice for secure authentication. Instead of relying on the strength of a password and an employee’s ability to remember it, MFA requires secondary factors, such as authentication keys or SMS messages.
Adding a second factor creates a major roadblock for hackers and significantly reduces the chances of unauthorized access. MFA can be an easy and cost-effective solution to protect against the repercussions of password fatigue. And it can be as seamless as a push notification, just like an employee is used to receiving from their favorite apps. It reduces friction with user-friendly, but secure, technology.
Conditional access policies can further strengthen and streamline this process by evaluating the location of the user, their device, the security of their network, and their device health to determine whether to require MFA. A user trying to access their email from a trusted device on the corporate network could be allowed to bypass the MFA requirement, but a user trying to access privileged accounts from an unknown device in another country should be challenged with MFA. In this way, IT admins can easily maintain security while their employees remain happily productive.
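The conditional access decision described above, as an added example that is not from the original page or from any vendor's product. The network range, device IDs, country list, and resource names are constructed assumptions, as is the rule that privileged resources always require MFA and that any missing signal is treated as untrusted.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample policy data (assumptions for illustration only).
CORPORATE_NETS = [ipaddress.ip_network("10.20.0.0/16")]
TRUSTED_DEVICES = {"laptop-0042"}
EXPECTED_COUNTRIES = {"US"}
PRIVILEGED_RESOURCES = {"cloud-admin", "linux-root"}

@dataclass
class AccessRequest:
    user: str
    resource: str
    source_ip: str
    device_id: Optional[str] = None        # None = device not identified
    country: Optional[str] = None          # None = location unknown
    device_healthy: Optional[bool] = None  # None = posture not reported

def on_corporate_network(ip: str) -> bool:
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False  # an unparseable address is never treated as trusted
    return any(addr in net for net in CORPORATE_NETS)

def decide(req: AccessRequest) -> Tuple[str, List[str]]:
    """Return ('allow' | 'mfa', reasons). Any untrusted or missing
    signal triggers an MFA challenge instead of a silent bypass."""
    reasons: List[str] = []
    if req.device_id not in TRUSTED_DEVICES:
        reasons.append("unknown device")
    if not on_corporate_network(req.source_ip):
        reasons.append("off corporate network")
    if req.country not in EXPECTED_COUNTRIES:
        reasons.append("unexpected country")
    if req.device_healthy is not True:
        reasons.append("device health unverified")
    if req.resource in PRIVILEGED_RESOURCES:
        reasons.append("privileged resource")  # assumption: always challenge
    return ("mfa" if reasons else "allow"), reasons

if __name__ == "__main__":
    samples = [  # constructed requests
        AccessRequest("alice", "email", "10.20.5.9", "laptop-0042", "US", True),
        AccessRequest("bob", "cloud-admin", "203.0.113.7", "tablet-x", "DE"),
    ]
    for s in samples:
        print(s.user, s.resource, *decide(s))
```

Returning the reasons alongside the decision gives the audit log a record of which signal triggered each challenge.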
SSO further reduces an organization’s reliance on passwords by only requiring them once per session. Organizations can eliminate password fatigue with SSO by consolidating dozens of passwords into a single secure identity. JumpCloud True Single Sign-On (True SSO), for example, securely authorizes users to virtually all the resources they need to do their work—regardless of platform, protocol, provider, or location with one set of credentials. No more complexity, no more remembering, no more resets.
And fewer passwords means less work for IT teams, too. When Schernecker Property Services (SPS) started using JumpCloud’s SSO, it immediately noticed the time-saving benefits in addition to the security boost.
“One of the biggest results has been the reduction in help desk calls for password resets. People only have to remember one password now for everything,” said David Garrity, senior technology manager at SPS.
“Before JumpCloud, we weren’t enabling multi-factor authentication, because people would have several multi-factor applications, connections to manage independently. People also weren’t always taking good care of their passwords as there were so many different passwords to manage. Adopting JumpCloud allowed us to conform with industry standards for password management,” he said. “JumpCloud was a huge step forward in getting our security in place.”
To take things one step further, the Fast Identification Online (FIDO) Alliance has paved a path to a passwordless future by developing the principles and protocols needed to get there. As users grow accustomed to abandoning their passwords for personal services, they will come to expect the same from their business services as well. In fact, more than half of employees would prefer passwordless logins.
FIDO2 uses authentication hardware, such as a security key or a biometric scanner, to authenticate users with the press of a button. FIDO2 can be enhanced with seamless MFA solutions, such as a push notification, to facilitate a secure passwordless login.
Pragmatically, reducing an organization’s reliance on the password requires a unified platform to manage IAM, MFA, and SSO to keep friction low and security high. JumpCloud can power secure authentication from a centralized identity directory by supporting FIDO2 logins to its User Portal, offering a push notification MFA app, interfacing with third-party authenticator apps, enabling conditional access policies, and more.
Start off on the Right Foot: Unify to Scale
SMEs need to create scalable seamless experiences for their employees, customers, and partners, if they hope to compete in the post-pandemic normal and help the world get back on its feet. While everyone has a role to play, the key to IT’s contribution to these scalable experiences is through IT unification, a long-term strategy achieved through identification, incorporation, integration, and, ultimately, consolidation.
- Identification: The first step towards a strategy of IT unification begins with the identification of what makes up the core of the IT stack. This is often a single platform from which all IT resources can be managed, secured, or leveraged: your single source of truth. However, this sometimes consists of a small collection of critical systems that support IT operations at large.
- Incorporation: Make sure all the tools and functionality you need from your core are incorporated throughout your stack. Often, after auditing their architecture tools and functionality and implementing the new platform to fill key gaps, IT admins find there are duplicate functions and areas where they can consolidate.
- Integration: The elements within (and surrounding) an architecture need to work well with one another. Smooth integrations power seamless experiences, from automated onboarding to comprehensive SSO. These are the experiences that empower SMEs to scale.
- Consolidation: Combine tools and vendors where possible to cut down on your infrastructure’s total cost of ownership (TCO) and continue to power even more seamless experiences that support scalability. While it can seem counterintuitive, consolidation reduces the number of integrations, vendors, and platforms you have to work with, creating scalable environments that are light, nimble, and highly efficient.
Through these four phases, IT admins can curate an infrastructure that’s optimized to deliver the scalable seamless experiences that keep them competitive in today’s marketplace. To start on your unification journey, consider the following questions.
How well is your infrastructure positioned to support scalability?
- Can your infrastructure support ongoing change? Can it do so flexibly and cost-efficiently?
- Is your directory hosted on-prem or in the cloud?
- How much of your foundational infrastructure is hosted on-premises? What would it take to migrate those components to the cloud?
What technology do you need to incorporate into your stack?
- Do you have a tool that can manage your users’ identities? How many identities does each user have?
- What would you need to do to reduce that number to one?
- Do you have a tool that manages devices?
- Does that tool grant visibility into all devices accessing corporate data, including mobile and personal devices?
Where can you integrate and consolidate?
- Are your identities and devices managed separately?
- Is your directory separate from your device data?
- Are your directory, IAM, and MDM tools provided by different vendors?
Start a Free Trial
JumpCloud is designed to deliver a cloud-based directory platform that unifies your IT stack. It incorporates and integrates everything you need to power scalable seamless experiences, and delivers them in one platform that's easy for admins to manage and easy for employees to use. You can start a free trial at any time—try the platform free today to test out a consolidated platform in your environment.
