Pomelo is a fintech company that delivers payment processing and card issuing solutions to businesses across Latin America. The company, which launched in 2021 and is headquartered in Buenos Aires, is powered by a team of 300 employees spread out across the world. In December 2023, Pomelo closed a $40 million Series B round to continue expanding in the Latam region.
Designing world-class IT infrastructure from the ground up
As Pomelo’s cybersecurity technical lead, Ezequiel Virun is tasked to team-lead, overseeing identity and access management (IAM), incident response, and data protection.
This is no easy feat for somebody overseeing collaborators in one physical location; it’s that much harder when the team is 100% remote and distributed around the world.
Choosing JumpCloud due to previous experience with the platform
When he first started at Pomelo, the company’s CTO invited Virun to design the systems they’d use for identity management and cybersecurity.
In a previous role, Virun was asked to find a mobile device management solution that would enable that company to apply governance policies to both Windows and MacOS devices.
“With a quick search, I found JumpCloud and noticed that it was the only solution available at the time that could unify both platforms with device management, with single sign-on between a Google Workspace account and the device,” Virun says.
Liking what he saw, Virun deployed JumpCloud at that company; he also used JumpCloud’s custom policies to further shore up digital security. Based on his positive experiences with JumpCloud in his last position, it was a no-brainer to use the solution at Pomelo.
“It was the perfect choice, and the implementation went very well with zero touch,” he explains.
Keeping systems secure and compliant with JumpCloud
With JumpCloud, Pomelo has been able to strengthen security for internal customers while achieving and maintaining PCI compliance — something that’s critical for any company that processes payments.
“It’s also helped us set up a zero-trust framework with conditional access policies as well, adding an important security layer,” Virun says.
Streamlined onboarding and offboarding
By connecting JumpCloud to its human resources information system (HRIS), Pomelo has been able to accelerate both the onboarding and offboarding processes. When user lifecycles begin and end, access is granted or revoked to resources automatically.
“Going through and manually adding and removing users is a thing of the past,” he explains.
Access made easy
Pomelo is using JumpCloud Go, which enables passwordless authentication to JumpCloud-protected devices and applications. As a result, users can access the resources they need when they need them — without any friction.
“Employees can go through all of our apps and security layers with biometric authentication,” Virun continues. “It’s a great user experience.”
Automating permissions via the JumpCloud API
Leveraging the JumpCloud API, Pomelo has enabled just-in-time permissions to AWS and Local Device, which reduces the risk of unauthorized access.
“Our engineering team has a workflow that starts in our Slack chat and provides just-in-time permission to our AWS productivity platform,” he explains.
Additionally, the team built another automation that enables users to obtain root permissions in the device when they need to install new software.
“Pomelo users trigger the workflow and JumpCloud does the magic,” Virun says.
Here’s an overview of the design:
Looking ahead, Virun is excited about JumpCloud’s recent acquisition of Resmo; he can’t wait to test out the asset management software to detect potential shadow IT apps that aren’t controlled by Pomelo to prevent data leakage.
Learn more about JumpCloud
JumpCloud changes the way IT administrators manage their organizations by providing a comprehensive and flexible cloud directory platform. From one pane of glass, manage user identities and resource access, secure Mac, Windows, and Linux devices, and get a full view of your environment.
To see the power of JumpCloud, contact sales or start a 30-day trial today.