Global events have raised alarm bells about the possibility of immediate and unprecedented cyber attacks. This article serves as a guide for our users to understand what’s being done to protect their accounts and services as well as how to achieve better security with the platform.
We take security seriously; we undergo multiple independent audits annually and have achieved SOC2 Type II status, which means that our experts have obtained recognition for how we design and safeguard our systems and customer data using robust security controls.
The JumpCloud Directory Platform provides a variety of features that help organizations implement technical controls for Zero Trust security and practice good IT hygiene. Now’s the time to take a deeper dive. Here are a few use cases on how to better secure your systems (if you haven’t done so already) based on how you might be using JumpCloud today. These use cases are examples of users that haven’t leveraged the complete capabilities of JumpCloud to secure IT infrastructure.
I’m using JumpCloud as my directory and haven’t done much else
We recommend deploying JumpCloud Protect MFA to add another layer of authentication for IAM. It can be deployed using push notifications, which are considerably more user friendly for smoother adoption. In addition, JumpCloud provides all users with hundreds of pre-built SSO connectors, so your organization can avoid storing passwords on third-party servers. SSO also reduces management overhead (you’ll no longer have to keep track of passwords on many systems). RADIUS services can perform a similar function for network administrators accessing equipment such as firewalls, and we’re working to extend MFA to it in the coming months.
The platform also has features that automate suggestions for group memberships using attributes such as who an employee’s supervisor is. Access rights should change if roles change or that individual is off-boarded. Legacy systems use nested groups where users inherit privileges, which requires administrators to constantly be on top of personnel changes. Users who aren’t leveraging these capabilities should consider implementing them for better security.
Conditional Access, which is a capability of Platform Plus, adds additional Zero Trust scrutiny to IAM. For example, users of certain apps could be required to always be challenged with MFA or be automatically denied access if they’re attempting to login from a location overseas.
The JumpCloud agent is on my system, but only for access control
Let’s talk about your (IT) hygiene. JumpCloud provides point-and-click cross-OS policies for system management. Custom policies can be deployed through the platform to accomplish nearly anything else that you want. We’re also an official Apple MDM (mobile device management) provider, delivering zero-touch user enrollment/deployment, the ability to execute remote commands, and application management. We are also in the process of delivering cross-OS patch management, in addition to pre-existing rules to enforce critical OS updates.
Gain Intelligence with System Insights
System Insights provides intelligence to audit your systems for security vulnerabilities, gather information for compliance, query endpoints to resolve issues (such as a missing disk encryption policy), and to take stock of IT asset management for fleet inventory information. Directory Insights monitors who’s doing what on your systems, IAM events, and significant system events (such as password changes) that should come to your attention.
CISA has compiled a list of free CISO tools here, with guides covering the following topics:
- Reducing the likelihood of a damaging cyber incident;
- Detecting malicious activity quickly;
- Responding effectively to confirmed incidents; and
- Maximizing resilience.
We’ve included an article overviewing basic IT hygiene and other best practices in the sidebar.
JumpCloud’s support organization is also here to help, or you may contact your MSP partner to further explore our platform’s Zero Trust features. Here’s the structure of our CSM team.
Account Managers ensure you receive full value from JumpCloud, as well as keep you up to date on relevant new product functionality. Account Managers are responsible for your renewal and related business conversations as part of your relationship with JumpCloud.
Account Services will respond to your inquiries on areas such as billing, contract questions, vendor questionnaires, security documentation, and more. They help you understand what resources are available based on your package and serve as a liaison among Account Management, Technical Support, Product, Security, and Billing. To contact this team, email firstname.lastname@example.org.
Customer Support Engineers continue to be available with our expert Technical Support team. You can also purchase Premium Support and have 24/7 access to our top technical experts, whenever and however you need them across phone, chat, and email.
New users also receive 10 days of complimentary support.