Welcome to JumpCloud’s October Newsletter.
We tend to think about the things that actively thwart attackers as good security, but in truth every action we take contributes to improving our security posture. Under the theme of Do Your Part, #BeCyberSmart, this newsletter highlights the releases, events, and articles developed in the name of implementing good security at all levels.
The strategic investment with CrowdStrike, Atlassian, and others announced this month demonstrates our commitment to this: solving urgent security and IT management challenges faced by SMEs around the world.
Learn more about the advancements in privilege management, user account continuity, same-day support for major OS releases, and more across the JumpCloud Directory Platform.
Manage Sudo Permissions at the Group Level
One of the most challenging aspects of securely managing Linux environments is getting a grip on sudo permissions: namely, who should have them, and who actually has them. The traditional path to limit sudo access is manual and time-consuming, and the process is too often abandoned altogether for the sake of efficient privilege escalation.
With this release, admins can now manage Sudo/Admin privileges at the group level, creating a more efficient and secure means of elevating admin permissions on a device. This release offers admins two additional options for assigning Admin/Sudo permissions:
- Globally, assigned to a User group
- Specifically, assigned to any Device Group associated with a User Group
Advancements in SCIM: Import Users and Attributes From Outbound Integrations
Sometimes good security is the byproduct of improvements made elsewhere; this is especially true with the latest advancements in JumpCloud’s SCIM capabilities. In this release, IT admins can now create new users and more complete user identities within JumpCloud from any application with a configured SCIM outbound integration.
This ability to import users and profile data significantly reduces overhead, eliminating manual efforts that take too much time, add support costs, and open the door to human error. This also makes the transition away from a non-standard application that acts as the identity source easy to migrate.
JumpCloud Has Same-Day Support for macOS 12 Monterey
This week macOS 12 Monterey was released publicly, available as a free OS upgrade to Mac users everywhere. Because this update brings with it a lot of exciting features, admins should be prepared for eager end users to move quickly on this release. Fortunately, JumpCloud has you covered: the JumpCloud MDM agent has same-day support for Monterey.
However, if you prefer to wait, you can easily set up a policy to prevent updates to Monterey completely. You should also be aware that if you are using JumpCloud with another MDM, you will need to ensure that you have the correct permissions in place to account for the new restrictions placed on the /etc/pam.d/ directory on macOS Monterey systems.
JumpCloud SSO: Additions and Upgrades
Through JumpCloud SSO, admins can centralize their employees’ access to all applications through a single set of credentials leveraging SAML 2.0 and SCIM connectors. In addition to building custom applications, admins can select from JumpCloud’s growing list of out-of-the-box connectors to expedite and simplify this process.
Last month JumpCloud added and updated the following pre-configured SAML applications:
- Tencent Cloud
If you have a connector you’d like to see on this list, you can submit your request here.
JumpCloud’s Q4 2021 Product Roadmap Webinar
The JumpCloud Directory Platform provides secure, frictionless access to all resources, and we’re iterating on and developing new features all the time. In this quarterly webinar, we’ll be discussing:
- Enhanced MFA capabilities across more resources with JumpCloud Protect™
- Faster and more controlled onboarding with user management enhancements
- Same-day support for major OS releases and patch management
- Data-driven enhancements to our UI and reporting
Wonder what’s coming up? Join our product leaders Greg Armanini and Sundar Jayashekar as they present JumpCloud’s Q4 2021 roadmap on Tuesday, November 9 at 12:00 PM ET.
What to Read Next
- 5 Ways You Can “Know Enough to Be Dangerous” in Cybersecurity: IT admins are increasingly tasked with being security analysts; a big challenge if it’s new to them and they don’t know where to begin. This article outlines five core pillars of security that, when mastered, will give you a strong foundation to build upon.
- The Many Masks of the Phisher: Because even one user who falls victim can impact the entire organization, everyone needs to be able to detect and appropriately respond to phishing. This article will help IT admins prepare users to recognize and respond correctly to phishing attacks.
- How to Prevent Phishing Damage Using SSO, MFA, and Policies: Phishing attacks affect all organizations, and they’re often successful. However, there are controls that IT administrators can put in place to minimize the threat and consequences. Read this guide to learn how SSO and MFA help mitigate phishing attacks.
- How to Formalize a Security Program: Formalizing a strategy into a program requires structure, documentation, and (often) an auditor’s buy-in; no small task for an SME IT admin with so much already on their plates. Fortunately, the path to getting there is accessible, even if it’s challenging. Read this guide to learn where you can begin.
- See What Your Peers Say: With nearly 850 customer reviews, JumpCloud has a 4.6-star rating on G2. Read the G2 user reviews, and add your own.
What to Expect from macOS Monterey: Decommissioning, Apple MDM, & More
Tom Bridge, Principal Product Manager – Apple, JumpCloud
Bradley Chambers, IT Columnist, 9to5Mac
Navigating the Cloud Security Risk Landscape
Tom Kellermann, Head of Cybersecurity Strategy, VMware
Fred Wilmot, Chief Information Security Officer, JumpCloud
Other Things You Should Know
- Incoming! SAML Certificate Expiration Emails: The JumpCloud platform will now proactively send emails to all JumpCloud admins within an org whenever a SAML certificate is approaching its expiration date. Read more about the cadence and contents of this new alert.
- Improper Offboarding Poses Significant Security Risks: Onboarding is a hot topic these days, but the same care is often lacking when it comes to offboarding. However, the risk is too high to treat it that way. Learn why this is, and how to improve your process.
Find a more technical breakdown of our recent releases in our October release notes.