Simplifying Identity, Access & Device Management in a Hybrid Workplace

Written by Sean Blanton on June 24, 2021


One of the biggest challenges for remote and hybrid workplaces is managing identity, access, and devices.

With employees now working from anywhere, IT is tasked with figuring out the best strategy to keep data and systems secure while also ensuring people can work seamlessly, all without the benefit of having them in the same physical location (or at least in an established office environment) where most other variables are controlled and direct, one-on-one support can be quickly delivered. 

And while the core issues of identity, access, and device management remain the same, the complexity has increased as the next shift is underway: from a fully remote environment to one where any given user may work remotely or on a managed network on any given day.

Hybrid workplaces create new potential risk vectors in each of these areas as employees work from diverse (and unmanaged) networks, require access to a mix of cloud and on-premise resources, and are closer to their personal devices (and thus more likely and able to use them for work). Keeping track of it all without having a single pane of glass for complete and easy visibility is a major concern for IT.

Since we’re venturing into new hybrid workplace territory, there is no solid roadmap for managing this constant fluctuation between remote and in-office work. However, simplifying identity, access, and device management has been the driving force behind the evolution of the modern cloud directory, which decreases risk and improves IT efficiency by centralizing these facets of IT into a single platform built upon open standards; this can make all the difference at a time when many IT departments are short-staffed and working from tighter-than-expected budgets.

The Benefits Of Simplification Ripple Down To The Employee

The simpler you can make the management of identity, access, and devices, the better the end-user experience will be, too. And, at a time when companies are competing for talent, the employee experience becomes a key differentiator in where people want to work.

The benefits of simplifying management ripple all the way out to the end user — the easier and more seamlessly people can work, the easier they can deliver results. In one example, a study focused on macOS usage found that employees who have the freedom to take ownership of their tools perform 22% higher in performance reviews and are 17% more likely to stay with an organization. 

Additionally, a recent survey commissioned by JumpCloud found that when implementing company-wide multi-factor authentication in 2021, fingerprint biometrics and face recognition were the most likely to be rolled out. Considering most smartphones and laptops are manufactured with biometric scanners out-of-the-box, these factors make multi-factor authentication rollouts much easier for the end user over more traditional TOTP or OTP options that add additional layers of complexity end users dislike.

So, beyond making IT’s life a whole lot easier, choosing to simplify identity, access, and device management has a broader impact that is felt by every single employee. 

What’s the best way to simplify it? By modernizing the directory with a cloud platform like JumpCloud to unify device and identity management across any infrastructure, anywhere work happens — on-premise, in the cloud, and for Windows, Mac, and Linux. 

Why A Cloud Directory Platform? 

There are a number of reasons why a cloud directory platform approach brings intrinsic simplicity to IT operations and management. There is no more hardware, patching, or upgrades to manage, implement, or debug, which cuts down the overall amount of time it takes to manage the system itself and increases its foundational security.

Since a cloud platform is accessible from anywhere, employees who authenticate against it to gain access to a variety of applications, environments, and their devices do not always have to rely on the VPN as a conduit to the centralized domain controllers that would otherwise grant and control authenticated access.

In the same vein, IT admins are no longer tethered to the corporate network to complete their daily tasks and larger-scale initiatives. If an admin needs to help a user troubleshoot access to a particular application, or implement new user groups mapped against new security policies, a cloud platform provides the flexibility to handle these projects from anywhere. 

Let’s have a look at how this works. 

Identity

The slow-but-steady shift to cloud-based tools over the past two decades was a big reason why the sudden shift to remote work was so effective. With many employees already accessing much of their toolsets through disparate means, largely over the internet, the idea of a centralized identity had already relaxed. Single sign-on platforms offered a way to reestablish tighter control, but their initial focus on web applications alone left much to be desired in terms of simplifying the complete management of identity.

From their first day of work, through the multiple apps and devices they will use while employed, to offboarding, an employee’s identity is at the center of everything they do. That identity is what associates them with the IT resources they need to get their work done, and it should securely and seamlessly integrate with productivity tools like Google Workspace or Microsoft 365, HR systems, cloud infrastructure environments, devices like laptops and workstations, and any cloud or on-prem applications they may encounter.

Further, in hybrid workplace environments, employees will need building and conference room access and must be able to log in to desktop computers that may be shared among workers in this new model.

Simplifying identity by using a cloud directory platform that provides a single pane of glass helps keep identities more secure and gives employees a better experience. With one identity, one credential, managed through one platform, IT can easily create, import, and provision users, streamline onboarding and offboarding with SCIM and JIT provisioning, and extend a user’s identity to connect to all resources needed such as devices, applications, servers, networks, and cloud infrastructure. 

Access

Access is on par with identity for secure logins: users need it wherever they work. In a hybrid workplace where users may find themselves working from an unsecured network, or through a personal device, security standards can quickly fall by the wayside.

IT needs to be able to use policy-driven access control based on identity, device, and network to ensure that access is allowed only when compliant security measures are met. Given the complexity of hybrid workplace environments, being able to manage user access individually or at scale across groups and leveraging prebuilt app connectors to integrate access can truly make a difference. 

A cloud directory platform lets IT use single sign-on built upon SAML and LDAP, provision secure access to servers at scale, and provision and deprovision user access to VPN and Wi-Fi networks, while also enforcing biometric and TOTP multi-factor authentication (MFA) to safeguard user access, all from a browser interface.

Device Management

Device security and access in hybrid workplaces can be a true headache for IT as they grapple with remote and in-office environments. A single platform gives IT the confidence they need to know that they’ve got full visibility. IT will need zero-touch remote onboarding that covers the initial configuration and software management, along with the ability to automate policy enforcement at scale and to implement Zero Trust security by granting conditional access based on multiple environmental and device factors. All of this has to work without requiring the end user to come into the office or an IT admin to touch an end user’s device.

And above all else, IT needs to be able to manage Windows, Mac, and Linux devices in this way from a single platform; the ability to remotely enroll, configure, and protect devices independent of their OS, and monitor them from a single source of truth, creates a more secure environment. 

Hybrid workplaces appear to be the next status quo for workplace environments. Making user identity, access, and device management easy, unified, and simple from one cloud platform will help ensure success for a hybrid workplace strategy.


The JumpCloud Directory Platform reimagines the directory as a complete platform for identity, access, and device management. Built in the cloud on the foundation of open, extensible protocols, JumpCloud connects users to virtually any IT resources they need via a single, secure identity, increasing the security of every access transaction through zero trust security principles while reducing friction in order to Make Work Happen®.

Sean Blanton

Sean Blanton is the Senior Manager of SEO and Content at JumpCloud and has spent the past decade in the wide world of security, networking and IT and Infosec administration. When not at work Sean enjoys spending time with his young kids and geeking out on table top games.
