It’s Time for a New Cloud Directory Platform
A transformed IT landscape requires a cloud directory platform that provides secure access, based on a zero-trust model, to virtually any resources across multiple operating systems.
IT infrastructure is undergoing unparalleled change. The cloud, mobility and remote work are combining to render many technologies obsolete. Traditional directory services, once essential for premises-based client-server computing, are simply not suited to the new cloud-based model of remote work with multiple devices and operating systems in play. Mainstream environments that once consisted of Microsoft Windows-based servers, desktops and laptops have morphed into a highly diverse mix of Linux servers and macOS- and Windows-based devices.
Cybersecurity is changing as well. Tasked with enabling seamless and secure access to data and applications without inconveniencing end users or disrupting their work, IT leaders are trying to implement zero-trust cybersecurity strategies in which all users and IT resources are treated as attack vectors. Zero-trust architectures include conditional access policies, single sign-on (SSO), device trust, and multifactor authentication (MFA), among other capabilities.
The Directory Services Dilemma
Together, these changes demand a new approach to directory services. Microsoft Active Directory, long a pivotal IT infrastructure element, is not built for remote work and the new cybersecurity demands because it is not designed to function optimally with non-Windows elements.
While large enterprises might be able to invest in custom services and technologies to integrate a hybrid cloud environment with diverse clients and server OSes, small and midsized businesses (SMBs) are hard-pressed to make such outlays. Instead, they face the challenge of acquiring multiple hardware and software products from different vendors, each having different costs, licensing terms and maintenance schedules, then integrating them into a coherent whole. It’s no surprise that many SMB IT managers are overwhelmed.
Because a complex IT infrastructure can easily send costs spiraling out of control, the need to adhere to demanding budgets is another challenge confronting SMB IT leaders.
Further, the total cost of ownership (TCO) of any technology goes beyond hardware capital expense and software licenses. It also includes management expenses and the hidden cost of employee time wasted while waiting for systems to work as they should.
Staffing is still another issue. SMB IT leaders cannot rely on end users alone to enact security best practices, and they face the high cost of hiring infrastructure managers with the right skill sets. Further, many are finding that credentialed staff tends to specialize in legacy technologies like Active Directory, rather than having the expertise needed to manage modern IT infrastructure.
To confront these realities, the time has come for a comprehensive directory platform built for the modern office. A cloud-based directory platform has many advantages. For example, placing server hardware in the cloud and making it available as a service eliminates the cost and complexity of buying and deploying equipment on premises. And in contrast to Active Directory, whether on premises or hosted in Microsoft’s Azure cloud, a comprehensive directory platform enables businesses to choose the servers, devices and applications that suit their needs, providing the flexibility to adopt best-in-class technologies as they emerge.
A Cloud Directory Platform to Meet Modern IT Needs
Designed to address the needs of organizations that must accommodate multi-OS client devices and significant numbers of remote workers, the JumpCloud Directory Platform is a comprehensive, cloud-based directory. Because it is easier to use than conventional directory services, the JumpCloud Directory Platform reduces the overhead of implementing multiple point solutions for SSO, network access and device management for macOS, Windows and Linux systems.
As organizations gravitate toward zero-trust cybersecurity strategies, the JumpCloud Directory Platform offers many benefits. The best zero-trust implementations provide highly granular access control based on trusted identities, networks and devices while making user interactions as frictionless as possible.
The JumpCloud Directory Platform supports open protocols to connect a variety of resources, including Security Assertion Markup Language (SAML), an open standard for exchanging authentication and authorization data, and the System for Cross-Domain Identity Management (SCIM) specification. In addition, the JumpCloud Directory Platform supports Remote Authentication Dial-In User Service (RADIUS), which enables secure virtual private network (VPN) and Wi-Fi user provisioning and deprovisioning. It also supports Lightweight Directory Access Protocol (LDAP) to enable access to legacy infrastructure or network-attached storage. While LDAP can provide baseline authentication to servers and devices, the JumpCloud agent is recommended to manage these assets for comprehensive user and policy management.
By providing secure access to virtually all the resources workers need from a single platform, the JumpCloud Directory Platform enables administrators to rapidly set up new offices, bring new employees onboard rapidly and securely, and quickly offboard workers who no longer need access to the systems. This capability is particularly important for remote offices where it is not practical to dispatch IT administrators to perform such tasks.
TCO by the Numbers
The JumpCloud Directory Platform lowers TCO by eliminating the need to purchase, maintain and manage multiple infrastructure elements. The cost of using multiple point solutions to provide these capabilities, along with integration and maintenance, can be steep. In contrast, the JumpCloud Directory Platform provides a broad range of capabilities for a single monthly fee—typically less than half the cost of comparable server- or cloud-based directories.
Here’s a side-by-side comparison of costs for a company with two servers and 1,000 employees:
| Server-Based Directory | Cloud-based Directory | JumpCloud | |
| Monthly Operational Costs | $4,847 | $2,432 | $585 |
| Monthly Software Costs | $38,000 | $38,000 | $18,000 |
| Monthly Infrastructure Costs | $1,008 | $0 | $0 |
| Total Monthly Costs | $43,855 | $40,432 | $18,585 |
In this example, 85% of devices are Windows, 10% are macOS and 5% are Linux-based. Server-based directory costs include salaries for a system administrator and an escalation engineer, in addition to costs for server hardware, software and maintenance, as well as for integration and onboarding.
To provide secure remote access to diverse servers from multiple client types, the JumpCloud Directory Platform includes a number of different software components that work together. These include:
-
Identity management to enable client access and user management.
-
Device management to provide authorization and control for mobile devices.
-
SSO to give users rapid and seamless access to business-critical applications.
-
MFA to provide another layer of security for devices, applications and network access.
-
LDAP to provide interoperability with legacy services and hardware.
-
RADIUS to provide secure VPN and Wi-Fi access.
-
VPN to enable remote access.
-
Governance, logging and auditing to track user behavior for security and compliance
-
Zero-trust, conditional access to enhance security through identity and access management.
Licensed separately, these capabilities would cost a total of $38 per user per month, compared with a starting price of $18 per user per month with the JumpCloud solution. And while some cloud-based directory-as-a-service offerings are more competitive than Azure Active Directory, their costs are still higher than JumpCloud Directory Platform because they do not come with a full spectrum of software capabilities out of the box, including identity, access and device management. Organizations adopting JumpCloud are finding that it addresses the requirements they face in an IT landscape that has suddenly and permanently changed.
JumpCloud at Work
Grab
In the highly competitive ride-hailing business, the ability to move quickly into new markets—and once there, to grow rapidly—is essential. That was the challenge facing IT leaders at Grab, a web-based ride-hailing service in Southeast Asia. With only two weeks to set up an office in each market it was entering, Grab IT leaders needed a way to provide new users with secure and reliable access to applications and data. An on-premises solution, requiring the installation of a server in each new city, would have been impractical. A cloud-based approach was therefore essential. However, cloud-based Azure Active Directory would not have worked for Grab’s heterogeneous environment, where it needed the ability to handle both macOS and Windows endpoints as well as Linux servers.
“JumpCloud was the only solution where we could find both a directory and endpoint management that could be deployed quickly through the cloud,” says Juergen Klaassen, principal IT architect at Grab. “There’s very little overhead in our planned growth with JumpCloud.”
From its founding in Singapore in 2012, Grab has established its ride-hailing app in Malaysia, Indonesia, Philippines, Vietnam, Thailand and Myanmar, providing more than 1 billion rides. In the past three years, the service leveraged JumpCloud to expand from 1,500 users to more than 8,000 users, including contractors.
St. Andrew’s Episcopal School
The COVID-19 pandemic sent a shockwave through many educational institutions. For St. Andrew’s Episcopal School, it created the sudden need to enable remote learning. At the same time, the private school with two campuses in the Jackson, Mississippi, area faced a tight budget, a common challenge for educational organizations.
“At a school, your IT department always runs lean,” says Tony DePrato, CTO at St. Andrew’s. “Most of your money needs to go back into education. You can’t justify having three or four IT people just doing tech support.”
DePrato sought a solution that would enable remote access management while greatly reducing requests for password resets, the No. 1 source of trouble tickets.
DePrato implemented JumpCloud to give students one secure password to access JumpCloud-and Google-connected services in addition to Microsoft 365 accounts. Each password can be reset from a central web-based console. The implementation includes directory integration with Google Workspace and Microsoft 365, SSO for Adobe Suite and Adobe Spark, LDAP for legacy application authentication and RADIUS for secure Wi-Fi authentication.
JumpCloud’s SAML support is particularly beneficial in enabling students to access e-textbooks. Next on the to-do list is to use JumpCloud’s Active Directory Migration Utility so Windows domain accounts can be managed through JumpCloud. And importantly, the JumpCloud implementation relieves the school’s servers of a significant processing load, saving St. Andrews $16,000 in hardware and software replacement costs alone.
CompuConnect
As a managed service provider, CompuConnect takes seriously its mission to deliver value to its customers. Keeping in mind that the TCO of Active Directory includes hardware, licensing, setup costs, electricity, as well as monthly monitoring and maintenance, Yiddy Lemmer, CEO of the Brooklyn, New York, firm, didn’t want his clients to incur the expense of an on-premises Active Directory server.
“It felt so wrong to purchase a server to accomplish the need for directory services, group policies and system administration, and make our customers reliant on an on-premises piece of equipment,” says Lemmer.
The case for using a cloud-based directory as a more cost-effective alternative was strong, but Lemmer didn’t think Azure AD delivered sufficient value. Instead, CompuConnect chose JumpCloud’s Multi-Tenant Portal to administer directory services for its customers. The Multi-Tenant Portal enables CompuConnect personnel to view and manage each client organization from a unified dashboard.
Lemmer primarily uses the JumpCloud Directory Platform to administer remote Windows machines, which includes managing their local accounts and requiring MFA at login. He is able to remotely deploy the JumpCloud system agent to each workstation, adding new users and extending their identities to their machines without integrating with another MDM or device management solution. And Lemmer can get a new customer organization up and running within minutes.
Move Beyond Legacy IT
The cloud, mobility and remote work are transforming the way business is done. At the same time, relentlessly multiplying cybersecurity threats are causing organizations to explore zero-trust strategies to keep data secure. IT leaders face significant challenges as they strive to provide rapid, seamless and secure access to applications and data while keeping costs under control. A new approach to directory services is needed.
Agile, fast-growing organizations, particularly those with far-flung offices and many remote users, can little afford the out-of-pocket expense and ongoing licensing and administrative costs of on-premises servers to run Active Directory. And the alternative of Azure Active Directory, while delivering many benefits rooted in the cloud, requires additional hardware and software to support diverse operating systems and client devices.
When comparing the TCO of the JumpCloud Directory Platform with Active Directory, either on premises or Azure-based, the JumpCloud solution typically costs less than half the cost of Active Directory, because it contains all the software needed to support today’s heterogeneous environments. And organizations seeking to piece together alternatives to Active Directory, on premises or in the cloud, are likely to find purchasing and integrating multiple point solutions to be time consuming and expensive. IT leaders would do well to keep in mind these cost and feature considerations as they weigh their options.
As an all-in-one directory platform that includes everything needed to enable work to happen in today’s profoundly changed environment, the JumpCloud Directory Platform lowers TCO while improving the end-user experience and streamlining management tasks. The JumpCloud Directory Platform has demonstrated its value across a broad range of organizations that are successfully building agile digital businesses in today’s transformed IT landscape.
Work From Anywhere, Securely
Whether your team is in the office or on the couch, JumpCloud® makes sure they have safe access to the tools they need. Replace legacy systems with a cloud-first platform built for the way you work today.
Get Started