Unified Cloud Directory Capability Audit & Event Logging

Written by Greg Keller on April 3, 2017

Share This Article

Systems, applications, and networks are all at the epicenter of an organization’s IT resources. Authorizing all of these assets is made simple and possible thanks to a unified cloud directory.

The cloud-based directory service plays a crucial part in regards to security and compliance. User management, authentication, and authorization is all contained by the directory service. Internally, logging and the resulting event data can be a major asset for IT admins.

JumpCloud’s Directory-as-a-Service® delivers audit and event logging as a central feature with the entire cloud-based platform.

Unified Cloud Directory – Cataloging Audits and Events

Authentication requests to the managed devices and systems kicks off the audit and event data for an identity provider.

cross device management

With JumpCloud, the architecture functions with a lightweight agent on Mac, Windows, and Linux  devices. This agent syncs up with the JumpCloud infrastructure by way of a mutual TLS connection. Requests are logged locally within the device whenever a user authenticates to the laptop, desktop, or server. The resulting logs are frequently delivered to the JumpCloud infrastructure where the data is organized. Both successful and failed login attempts are gathered here.

Beyond just core system login data, JumpCloud also gathers all the web console events. Every action taken by an admin is collected and stored within the same system. Alterations to account info is logged, including the addition and termination of user accounts. The modification of the admin accounts themselves, the enabling of services like Google Apps, Office 365, LDAP, and Single Sign-On, and all changes to groups are also logged.

FInally, JumpCloud also logs end user console access, which ensures the IT organization will be able to review security events and provide audit data to regulators.

Archiving Compliance and Security Initiatives

Just looking at what happened to LinkedIn and Mark Zuckerberg it’s evident that megabreaches and security threats are becoming more and more prominent. This is why compliance and security practices are central to all IT organizations.

At the forefront of an organization’s security threats is identity theft. This is why the control of user access is so important to security initiatives and compliance.

When an identity within an organization is compromised, the account acts as a gateway to the infrastructure and network. The result of this breach almost always is the theft of critical data.

To combat this it is crucial organization’s have the ability to log data from all authentication events. This allows abnormal activity to be flagged within the stream of data and events.

With JumpCloud, event logging and data can be synced with all varieties of log analysis tools.

Directory-as-a-Service®: Delivering the Complete Data Picture

JumpCloud’s unified cloud directory audit and event logging capability is made possible via a REST API. As it returns, the data takes form as a JSON object, allowing it to be altered and post-processed as deemed necessary.

If you would like to learn more about how to use this audit and event logging capability within JumpCloud’s unified cloud directory, check out our Knowledge Base.

For more information on our cloud-based identity management platform, send us a message. In addition, for a more hands on experience sign up for a free account – your first ten users are free forever.

Continue Learning with our Newsletter