By Greg Keller Posted August 21, 2015
Improving security for our customers is a core tenant of JumpCloud, and one of the primary reasons why an authoritative directory like JumpCloud DaaS is implemented. To further deepen security for your organization, we have introduced multifactor authentication (MFA) to the JumpCloud user portal, adding to the pre-existing MFA support offered for the Admin Portal. The employee’s user portal is a gateway to other application access, so increasing security on is incredibly important and widely requested by our customer base. It’s a powerful update and as we release more employee-facing features for our user portal, will only help ensure that your user’s access is better secured.
For a complete step-by-step article on enabling MFA, and how your user’s will experience it, click here to read this article.
To step back, JumpCloud’s Directory-as-a-Service connects users to the IT resources they need. These IT resources can include devices, applications, and networks. IT admins provision users in JumpCloud’s cloud-based user directory. These users will receive an email requesting that they come to the JumpCloud user portal and setup their credentials. This is a critical step as it eliminates the need for IT to play middle man when provisioning users and, perhaps more importantly, removes any knowledge that IT has over credentials. An organization’s users sets their own password and SSH keys without IT being involved. Not only is that a security benefit, it also is more efficient.
During account setup, or anytime afterwards, a JumpCloud administrator can enable, optionally, to add multifactor authentication to user’s accounts. When enabled, users will simply install and use Google Authenticator on their phone with JumpCloud. Once multifactor access is enabled, now users will be required to input their one time code from Google Authenticator when they access the JumpCloud portal along with their normal credentials (email and account password). Note, that IT admins can also set multi-factor access to Linux servers as well with the same process.
Once authenticated with this additional factor, users will access the JumpCloud user portal for a wide variety of reasons. The portal is meant as a self-service solution that increases security and decreases the burden on IT. Among the tasks that users can conduct:
– Change passwords
– Rotate keys
– Edit user information such as address, phone number, etc.
– Single sign-on access to Google Apps, Salesforce, and AWS
By adding multifactor access to JumpCloud’s user portal, IT admins can level up their security and ensure that user access and user access changes are handled through not only a password, but another factor of security as well. We encourage all of our clients to turn on this capability to ensure that their accounts remain secure. Drop us a note if you have any questions or comments. We would be interested in your feedback on the functionality as well as other capabilities that you would like to see from our user portal.