IT management involves more than just devices: people are accessing more things from more places than ever before. JumpCloud’s 2022 Q1 product roadmap webinar focused on how the platform will streamline the entire process of managing the user lifecycle: user onboarding, automating identity management, governing access, and extending True SSO to a broad set of endpoints.
We’ve also undertaken a significant endeavor to ensure that JumpCloud’s technical foundations will provide immediate platform availability and build enough runway to extend our capabilities for years to come. JumpCloud is establishing patterns for continued future success to ensure equivalent prioritization for all items, not just features, and a strong service maturity model. The culmination of these long-term efforts will ensure an excellent customer experience. We will continue to provide weekly updates as this important work unfolds.
Simultaneously, new features are being delivered during Q1 to empower IT staff to streamline user onboarding while balancing access control and Zero Trust security with a low-friction user experience over time. It all begins with providing a seamless handoff between HR and IT to automate user creation.
Synergies across Identity and Access Management (IAM) services, our cloud directory, and reporting are designed to make lifecycle-centric user management possible. Patch management is a new platform add-on to enable stricter governance over your devices, and we’re rolling out expanded management capabilities for our MSP customers. Our objective, and the JumpCloud difference, is how we are making these capabilities effortless to deploy, which help our users grow. Here are some of the specific features that are arriving during Q1.
Speedy User Onboarding
Traditionally, user onboarding has been a multistep process where information is disseminated by HR and direct supervisors. Manual processes have high administrative overhead and risk important attributes (that can be used to manage access control) falling between the cracks.
JumpCloud is solving this problem by providing pre-built and generic integrations with human resources information systems (HRIS). We’re also delivering a “staged” user state that permits IT admins to provide new hires with access to resources prior to their start date and easy ways to track who’s being onboarded within the JumpCloud dashboard. Access is granted upon activation.
Extending the Cloud Directory
HRIS integration, as well as deeper syncing of attributes from Google Workspace and Azure/M365, means you’ll be importing fully attributed users. That is significant because we’ve extended membership suggestions to be informed by those more expansive conditions. Group condition configurations are more robust and intuitive, and JumpCloud’s attribute-based access control (ABAC) delivers dynamic updates on group membership suggestions.
Every organization could use an extra set of eyes on access management, which the JumpCloud platform provides for you in near real time.
The platform is also being enhanced to extend visibility through more robust reporting. A new resource and user report is coming in Q1 along with several other frequently requested reports for operations, security, and compliance purposes.
JumpCloud’s Asset Inventory Service (AIS) will function as a single source of truth for all of your organization’s assets (device, servers, hardware, software, and cloud infrastructure), starting with device reports in Q1. Customers have been asking for this capability, and we’ll continue to build on it throughout Q1 and beyond.
We’re also making it easier for partners and MSPs to adopt our cloud directory.
Streamlined Account Management for MSPs
An upgraded Multi-Tenant Portal (MTP) is coming soon to provide billing visibility. MSPs will have the ability to view billing details by tenant and download invoices. JumpCloud is automating the billing process with an integration with ConnectWise.
New widgets and drill-downs also simplify management, alerting you to activities that require your immediate attention such as user lockouts. Here’s an example of that view:
MSPs and other organizations that require more flexible deployment options will have the ability to auto-deploy JumpCloud agents on Windows systems using an MSI installer. A JumpCloud tenant ID/user can be entered to the installer to streamline user boarding. This works with Microsoft GPO, as well as Intune in AD/AAS environments.
We’ve also fully internationalized our BitLocker encryption policy and have added support for Fedora Linux 35, Amazon Linux 2022, and Red Hat Enterprise Linux 9. The JumpCloud agent helps manage IAM and identity throughout your fleet, which, along with improvements to our IAM, empowers IT to accomplish more. The next segment of this article explores how we’ve strengthened our IAM.
(Even) More Powerful Identity and Access Management
User identities are strongly tied to access control. Several improvements are forthcoming:
- More granular admin/sudo permissions to assign criteria in device groups for which devices should belong
- Passwordless MFA across all endpoints
- Strong certificate authentication to identify and authenticate users and deploy machine identities
- User self-service password requests
- Automated and delegated group memberships
- JumpCloud Protect™ push MFA plugins for RADIUS VPN and Wi-Fi logins
- Extending single sign-in (SSO) with OpenID Connect and more SSO connectors
- Managing identities in more resources with a REST API
- Applying Zero Trust Conditional Access rules across all endpoints
These features will be rolled out starting in Q1 into Q2 and beyond. Our objective is to enable users to securely access more resources on more devices, in more ways, as time goes on. The next section provides an overview of several significant new features that are coming to device management.
Device and Patch Management
Device management plays a key role within any Zero Trust IAM solution, because users move across many different devices and Zero Trust access control should always verify their security.
To that end, Patch Management is our most significant deliverable in 2022 to automate device lifecycle and reduce the threat footprint of any given device. This platform add-on enables users to schedule and manage patching across macOS and Windows (as well as managing version updates for Ubuntu Linux) within a single console. The console provides for greater visibility and reporting while strengthening your security posture.
The initial release of JumpCloud’s new patch management product will include the following:
- One-click policy default configurations
- Policies to automate the rollout of updates to your fleet whenever a new OS patch is available
- Net new policy for configuring automatic updates on macOS powered by end-user notifications
- Net new policy for configuring advanced Windows updates with enhancements for enforcing automatic updates
- End-user notifications for both macOS and Windows
iOS and iPadOS Device Management
JumpCloud will also be delivering automated device enrollment into JumpCloud MDM for iPads and iPhones via Apple Business Manager. This improves the user experience by allowing you to select which steps from the configuration wizard should be displayed during setup and requiring authentication during setup to make certain that your devices remain your devices.
Devices may be automatically enrolled into Device Groups within JumpCloud’s Admin Console post enrollment. We’re also making it possible to assign Apple Volume Purchase Program (VPP) apps to your devices at the device level, which are pushed silently without using an end-user AppleID. Only approved paid and free apps will be allowed onto your managed Apple devices.
Watch the Webinar
Additional information about these topics is presented in the webinar. JumpCloud is redefining the directory by delivering more automations, easier but powerful IAM, and Zero Trust security that’s designed for small and medium-sized enterprises (SMEs). You may click here to view it.