As the company surpassed its 20th employee, the DevOps team at FullContact knew that its new employee on-boarding process and ability to track user access to applications and infrastructure was becoming inefficient and overly burdensome. FullContact turned to JumpCloud to simplify identity centralization, management, and integration with all the resources their employees need to access.
FullContact is the leading provider of fully connected address book solutions for anyone who values a good network and being awesome with people. FullContact’s cross-platform suite of Apps and APIs enhance contacts with relational insights while keeping them organized, synchronized, up to date, and safe.
Founded in 2011, FullContact is a prototypical ‘cloud-forward’ company. The company leveraged cloud services from the very beginning. “We are 100% AWS,” confirms Charles Sullivan, Director of Technical Operations. AWS refers to Amazon Web Services, which provides FullContact hosted Infrastructure-as-a-Service solutions. “We’ve standardized on Linux Ubuntu instances, and we also leverage about 100 other SaaS applications to help run our business, everything from finance applications to cloud automation.” The cloud has helped provide FullContact with the productivity, database, and networking tools it needs without requiring the investment and infrastructure necessary to support on-premises solutions.
With nearly all of its employees using Macs and a “bring-your-own-device” culture for
mobile devices, FullContact exemplifies the modern organization in many ways. But this
decentralized work environment poses a major challenge for IT departments. How do you best manage employee IT profiles and provide access to the various resources that their users need? FullContact had been doing it manually, a relatively simple task when merely 10 employees are logging in. But new hires—and lots of them—are inevitable in a successful and growing business. FullContact quadrupled its employee base in just two-and-a-half years. The IT staff however, remained at three, each of whom is also responsible for managing the company’s operations.
Charles was looking for the most efficient way to support continued growth. The on-boarding process for new employees was becoming increasingly burdensome. Even more troubling, it was dicult to track who had access to what, leaving FullContact vulnerable to information leakage and unauthorized access to sensitive data—an issue Charles was intent on avoiding.
Managing employees’ profiles to access hundreds of different IT resources is something that companies struggle with to varying degrees. Some manage employee access manually, which is not only highly labor intensive but also risky business: manually de-provisioning users is particularly susceptible to error, with a recent study by Osterman Research showing that upwards of 90% of employees retain access to data and sensitive corporate applications from their former employers.
These practices almost inevitably lead to things slipping through the cracks, with certain accounts left active. FullContact was well aware that it needed a directory solution to address security concerns as well as to support its growing business.
Charles knew what he wanted: “The vision was to have a single source of truth of an employee’s identity.” Since FullContact leveraged cloud and SaaS infrastructure, Charles didn’t want an on-premises solution that he needed to manage. The trick, of course, was to make sure that his central identity source would work with all of the IT resources his employees needed, including workstations, servers, applications, Google Apps, and wireless network authentication.
“Ease of management was the biggest consideration, Charles explained, “It was important to have a one-stop-shop to know for sure we could easily turn on employee access.”
Charles and his team evaluated several options. “We simply did not want to deal with hosting and managing a solution—it wasn’t cost or time effective.” Their existing SSO solution handled access control web applications outside of their network, but they also needed a solution to control IT resources inside, including machines, WiFi access, and internal applications. Then, FullContact found JumpCloud. Charles realized that they could achieve everything they needed and still stay in the cloud.
“A key investor and board member was aware of our project. He introduced us to the
team at JumpCloud, who was all too familiar with our predicament.”
JumpCloud’s Directory-as-a-Service provided the “one-stop-shop” Charles was looking for, giving FullContact the ability to centralize user accounts under a single identity, hosted in a cloud-based, comprehensive directory solution. After trying JumpCloud for free with ten users, Charles and his vice president of engineering were satisfied that it could fit every use case they threw at it.
“We were able to neatly tie it in with our existing SSO provider and AWS instances, and we’ve been able to take full advantage of its REST API capabilities to seamlessly hook all kinds of customizations into the JumpCloud directory. In fact, our team has open sourced some key integrations leveraging Hesoid. Plus, it’s nice giving employees some self-service features, such as the ability to rollout their own SSH keys.”
To see FullContact’s Hesoid integration with JumpCloud, see FullContact’s GitHub repository: https://github.com/fullcontact/hesiod53-jumpcloud.
FullContact has since rolled its entire workforce onto JumpCloud’s directory. “We are seeing possibilities for identity management that we never even thought were possible. JumpCloud has given us a seamless way to scale our organization’s IT infrastructure along with our growing business needs and employee base,” Charles concluded. “At FullContact, we are all about managing people’s address and contact profiles in a nice, neat, and centralized address book solution. We are glad we found the equivalent for our employees’ IT profiles in JumpCloud’s Directory-as-a-Service.”