As your organization grows in size and scope, managing access on a one-to-one basis becomes more difficult. There are too many users and too many IT resources to control. Grouping your users and IT resources is the smart and easy way to deal with this complexity.
Many organizations solve the problem of group access by creating shared credentials. Shared credentials provide easy access for a number of users, but it becomes difficult to manage as you have employees and contractors joining and leaving the organization. Further, shared credentials means little, if any, audit control around who specifically accessed the IT resource and what they did.
The right way to solve the problem of efficient user access is to provide group management, but for each person that is a part of the group to have their own unique credentials. This is difficult for IT admins to do manually, but simple with JumpCloud’s Directory-as-a-Service®. Groups can be maintained through JumpCloud groups, which group users and IT resources together. This enables, for instance, IT admins to create a marketing group that has access to the marketing resources in the organization. If users are added to the group, their unique accounts are automatically provisioned on all of the IT resources. If a person is deleted from the group, their access is terminated. JumpCloud’s group functionality makes it easy to manage access in bulk, and each person still has distinctly authenticated access – a critical feature for auditing and security.
- Simple interface to group users
- Specify temporary or permanent access
- Groups can be connected to specific IT resources
- Automated provisioning / deprovisioning of accounts to IT resources
- Each person must still login with their private credentials
- Mirror group membership from your Active Directory server
- Easily control and manage access in bulk to save time
- Enforce unique access rather than shared credentials for increased security
- Easily handle guests or grant access temporarily, without having to manually revoke that access when the time is up
- Centralize access control, no need to duplicate access settings on each resource