When dealing with compliance, DevOps and IT pros know how critical it is to narrow the scope of the compliant environment. However, the simple fact is that some organizations have not been able to eliminate their Microsoft Active Directory / Exchange server from the scope of their audit. As we all know, having AD in scope can be a nightmare.
For organizations using Active Directory and Exchange, it is the central identity management system and many of their internal systems run off of it. Changes are constantly made to AD. By keeping it in scope, all of those changes need to happen in a compliant fashion, thereby dramatically increasing the overhead to the IT team and potentially increasing the risk to the overall organization.
Leveraging JumpCloud® to manage user access and control to the servers in your cardholder data environment (CDE) is a beautiful solution to this problem. JumpCloud can eliminate your Active Directory / Exchange server from the scope of your PCI audit. Really! Only a limited number of people should have access to your CDE, so granting them access through JumpCloud’s Directory-as-a-Service® platform should take just a few minutes. JumpCloud will then manage and track their access to the CDE. JumpCloud can ensure that passwords are PCI compliant, all access is logged, and even privileged commands in the CDE are logged and analyzed. In short, many of your PCI Section 8 requirements are solved by JumpCloud. Consequently, one great big headache is eliminated by excluding AD and Exchange from your audit scope.
Directory-as-a-Service Lets You Eliminate Active Directory And So Much More
Additionally, JumpCloud can be your centralized user management system, hosted LDAP, RADIUS-as-a-Service, SSO, device management, MFA solution, and more. If you are interested in working with us on one of these directory services solutions, please contact us.