KONUX is the leading AI scale-up in railway, delivering predictive maintenance, network usage, and traffic monitoring and planning solutions, aiming to transform railway infrastructure and help usher in a more sustainable future. Founded in 2014 as a university project, the company — which has 110 employees working across Europe — has grown steadily in the ensuing decade. Currently, KONUX’s operations are primarily in Germany, Spain, and the United Kingdom. The company has plans to scale across Europe and into the North American market.
Looking to manage devices & resources through a single pane of glass
As makers of a SaaS solution, KONUX practices what it preaches, producing and consuming resources in the cloud.
“From the beginning, the idea of not having local servers or local tools has been there,” explains Ivan Skowronski, information security officer at KONUX. “It made us make some decisions about the stack of solutions we use, which includes Slack and Google products. When you’re using SaaS products, you don’t have the same kind of control, and it adds a lot of complexity for administration.”
At the same time, KONUX — which uses Macs and PCs — was looking for a solution that enabled them to manage all devices in one place.
We were using Jamf, but it was only covering a partial part of all of our endpoints. We needed something that would enable us to manage all these solutions in one place. We only have two people in IT, so we needed something that would help us administer all the endpoints in an efficient way.
Ivan Skowronski, information security officer at KONUX
Choosing JumpCloud for functionality & integrations
After researching their options, the KONUX team came across JumpCloud and ultimately decided it was the perfect tool for their needs.
“When I joined the company two years ago, JumpCloud was already implemented,” Skowronski explains. “We don’t have an Active Directory, which is usually the base for management of endpoints. So we needed something to help us solve the challenge we were having, and JumpCloud is doing that. With JumpCloud, we were able to replace Jamf.”
KONUX connected its Google Directory to JumpCloud, and the two systems seamlessly sync with each other.
“We do everything in JumpCloud, and if we make any changes there, it automatically reflects in Google and any other platform we have,” he says. “JumpCloud is really good for us. We don’t need an Active Directory and we can easily add a new machine to the platform and say which users have permissions to login. If one day we need to give that machine to another user, it’s as easy as giving it to the new person, formatting it from JumpCloud, and the machine is pretty much brand new and ready to be used.”
Increasing team productivity & maintaining compliance
In addition to making device and identity management easier for IT, JumpCloud has also helped KONUX ensure its distributed team stays productive.
“We use Remote Assist a lot for IT operations,” Skowronski says. “It’s super useful and the only way we have access to a remote computer to assist the user. Everything can be done directly through JumpCloud. We use Remote Assist to log into the machines and also execute remote commands. I believe that, in the future, we are going to use it more and more.”
We use Remote Assist a lot for IT operations.
Ivan Skowronski, information security officer at KONUX
KONUX is also using JumpCloud Policies to configure devices. Together with Remote Assist and commands, policies have proven to be truly transformative for the organization.
“These are the three things that really help us give high-quality service from the IT team to our users.”
Increased IT productivity
JumpCloud has enabled KONUX’s two-person IT team to cover more ground faster, utilizing their limited resources more effectively.
“Our team is logged into JumpCloud all day, and most of our IT things can be done directly from there,” Skowronski explains. “If we have a problem with a user — for instance, where the account is locked and the user freaks out because they need to work and everything’s urgent — and if we need to go through the logs in Google, it can be really a mess. In JumpCloud, it’s super easy. You can see exactly what has happened.”
Skowronski was particularly impressed by a new feature that enables him to give users admin privileges for five minutes, an hour, or however long they need.
“It sounds basic, but it’s incredibly useful as we do not have to think about revoking permissions,” he says. “It’s a really useful tool. It’s a small thing, but for us, it was a major improvement in user management and efficient capacity usage.”
In addition to increasing IT productivity, JumpCloud also makes life easier for the overall team.
Users don’t have to figure out where to find certain tools or where to log in. They just go to JumpCloud.
Ivan Skowronski, information security officer at KONUX
ISO 27001 compliance made easy
Three years ago, KONUX began pursuing ISO 27001 certification.
“We work with critical infrastructure, so usually our customers require us to be certified,” Skowronski explains. “Luckily, JumpCloud was already there. Many of the requirements that we needed to comply with and many of the controls that we needed to prove were implemented and already there out straight out of the box.”
As part of this initiative, KONUX implemented multi-factor authentication (MFA) in “two or three clicks.”
“Everyone has MFA on the platforms, and we can grant and remove access and apply policies on machines very easily,” he continues. “MFA is good for users that often travel. We have some that regularly travel on trains, so I believe this is an excellent solution. Obviously, if you’re in the office and need to write your MFA credentials, it’s a bit painful sometimes. But if you’re on a train, it’s another layer of security which is important.”
Whenever auditors come around, Skowronski and his team can easily satisfy their concerns thanks to JumpCloud.
“It’s really easy to prove the status,” he says. “It’s simply creating a report, showing our baselines, which machines have the policies implemented, which machines are failing. Having this kind of report makes our life so much easier and makes us compliant, in general and only during the audit. And it’s not only showing things, either. It’s also giving us proof. We can easily show that a disk is encrypted and then prove that the keys for that encrypted are stored in JumpCloud which can only be accessed and decrypted by the administrators. It’s amazing to have everything in one place.”
Automated onboarding and offboarding
KONUX onboards and offboards users through JumpCloud.
“Whenever a user requires new access, they can go to Fresh Service, create a ticket, and then we can easily trigger the assignment to a group, offer permissions, remove the user, and so on,” Skowronski explains. “For the users, it’s pretty transparent. If a tool is pre-approved, we can easily grant access. The implementation is done directly from Fresh Service in JumpCloud, which is really good for us as it reduces the time spent on granting access.”
Currently, KONUX is using device groups to manage Windows and Mac machines with more precision. The company also uses Personio for HR management and is planning to incorporate dynamic groups in the near future.
“Our plan for next year is to start doing role-based onboardings in a way that ensures users have access to tools from day one,” he continues. “In the near future, we will work with our HR team to create users in Personio and, automatically, they will be created in JumpCloud with many of the relevant permissions already granted, which will make our lives much easier.”
Additionally, KONUX has linked Apple DEP with JumpCloud.
“Whenever we buy a new computer in the Apple store and the computer is part of KONUX, the JumpCloud agent is downloaded from day zero,” Skowronski explains. “If we have an emergency and someone needs to buy a new machine, they buy it, turn it on, and JumpCloud is already there. Everything’s there, they can log in automatically, and it’s ready to be used.”
Unlocking more value
Looking ahead, Skowronski is planning to leverage additional JumpCloud features, including patch management and Password Manager. The company is also doing a proof of concept of JumpCloud Go™, which enables users to access JumpCloud-protected resources using biometrics or by typing in a password just once.
“I have it installed on my machine already,” he says. “It’s a really nice feature that is probably going to be rolled out pretty soon to the whole company. It’s super, super simple.”
If you’re considering JumpCloud for your organization, Skowronski has one simple piece of advice: “the sooner the better.”
“If you have a platform like this that keeps everyone in one place, it makes a huge difference in terms of administration,” he concludes. “If you’re looking for a security certification, you can get many of the controls implemented straight out of the box. It also saves a lot of time and a lot of effort. The sooner you can get everyone integrated into the same platform, the better.”
About JumpCloud
JumpCloud® delivers a unified open directory platform that makes it easy to securely manage identities, devices, and access across your organization. With JumpCloud, IT teams and MSPs enable users to work securely from anywhere and manage their Windows, Apple, Linux, and Android devices from a single platform.
To see the power of JumpCloud yourself, request a demo or start a 30-day trial today.