By Rajat Bhargava Posted March 18, 2014
We often hear about organizations manually managing Linux SSH or Windows Admin account. They might be sharing root passwords or managing accounts on a spreadsheet. Some may be leveraging Chef or Puppet to manage user accounts, but in general the process is largely manual for them. In all of these cases, they don’t use a user directory or database such as LDAP or AD. There are a number of reasons for a manual process, and they may make a lot of sense for these organizations. Manual work is less significant for organizations with only a few users. Traditional user management solutions don’t work well for organizations leveraging cloud infrastructure. In either case, many organizations opt to manually add and delete user accounts rather than taking the time to implement an LDAP or AD type solution.
Organizations leveraging cloud infrastructure is a case that we see every day here at JumpCloud®. The cloud has inherently changed how you need to manage user access to your servers. The cloud forces you to have solutions that can work across the Internet rather than behind the firewall. This has eliminated a number of traditional approaches to solving the problem. Enterprise identity and access management solutions are two good examples. The cloud also carries with it greater security risks, so having a more locked-down server is critical. Additionally, remote workers have contributed to the fundamental change in server access management. People in different situations need access to your infrastructure. How do you manage that securely and safely?
Managing User Accounts
JumpCloud’s Directory-as-a-Service® was specifically built for the case where organizations are manually managing their users. Whether they’re using shared passwords, configuration automation solutions, or scripts, JumpCloud centralizes user management control across clouds and platforms. Admins can provision users or terminate users with the click of a button rather than having to write or maintain code. Your users can reset their own passwords, without needing your help to do it.
Privileged accounts can be assigned to the right groups of servers with the right permissions, ensuring appropriate access. DevOps or IT pros managing user access don’t need to be involved with providing temporary passwords or obtaining public SSH keys. JumpCloud manages that process. Easily expire passwords or rotate SSH keys. Quickly enable multi-factor authentication with the click of a checkbox if you need an extra level of security.
Monitoring Logins and Privileged Actions
All login activity is monitored to ensure that the right people are logging into your servers. Furthermore, your users’ privileged actions are monitored to ensure that mistakes aren’t made, or worse, malicious commands are run. This type of monitoring can be time consuming to set up, difficult to filter for important events, and painful to maintain. JumpCloud works to protect you from this insider threat.
More Time to Innovate
No one looks at managing Windows or Linux user accounts and thinks, “That’s of strategic importance and is the best way to spend my time.” It’s important and has to be done, surely. It’s a prerequisite for all your other activities, but it’s a cost center. Managing user accounts doesn’t add value to your bottom line. However, doing it poorly can distract and cost you time, money, and potentially your business’s reputation. JumpCloud relieves you of managing privileged user accounts on your servers. Our platform covers bases you probably don’t have time for. In a matter of minutes, you can go from shared accounts or Chef/Puppet scripts to an easy-to-use interface with tremendous advantages. In conclusion, stop manually managing Linux SSH or Windows admin accounts. Save yourself significant time by automating user management today!