{"id":79294,"date":"2023-04-11T13:49:57","date_gmt":"2023-04-11T17:49:57","guid":{"rendered":"https:\/\/jumpcloud.com\/?p=79294"},"modified":"2023-04-11T13:49:58","modified_gmt":"2023-04-11T17:49:58","slug":"webinar-recap-it-automations","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/webinar-recap-it-automations","title":{"rendered":"Webinar Recap: 6 IT Automations to Streamline IAM, Security, and Device Management"},"content":{"rendered":"\n
As organizations increasingly rely on digital technology to manage day-to-day operations, IT admins are faced with the time-consuming and often repetitive task of managing a number of users, devices, and applications.<\/p>\n\n\n\n
JumpCloud and Torq, a security automation platform, have integrated their services to provide IT admins with automations that help manage IT resources more efficiently and effectively.<\/p>\n\n\n\n
In a recent webinar<\/a> featuring Derek Johnson, Principal Product Manager, JumpCloud; Aner Izraeli, Director of Security, Torq; and Dallas Young, Sr. Technical Marketing Manager, Torq, the speakers provided valuable insights and practical examples of how six automations can be implemented to meet organizations’ needs.<\/p>\n\n\n\n JumpCloud continually aims to ease everyday tasks for admins and users alike without compromising on security. With Torq’s flexible integrations and easy-to-use workflows, admins can leverage the JumpCloud + Torq combination to automate the following tasks:<\/p>\n\n\n\n ”Temporary elevation of admin privileges is a common request that IT admins receive from users who might need it to perform a specific task,” Derek noted. JumpCloud console allows admins to grant such privileges with a few clicks.<\/p>\n\n\n\n However, given the possibility of the admin forgetting to terminate those privileges when the task is complete, coupled with the frequency of such requests, Aner demonstrated an alternative and more secure workflow.<\/p>\n\n\n\n \u201cThe user needs to go to Slack and run the command ‘\/getmeadmin<\/em>,’\u201d he said. \u201cThis event is received on Torq’s end and it invokes JumpCloud’s API to get the requester’s info. Security and posture checks are then run to verify the request’s legitimacy.\u201d<\/p>\n\n\n\n If these checks are passed, the employee receives a one-time token on their alternate email address. They’re to copy the token, paste it into the Slack text box, and submit it.<\/p>\n\n\n\n Aner continued, \u201cOn validation of the token, another call is made to JumpCloud’s API to list the devices associated with the user. Then the user selects the device they need the privileges on and for how long.\u201d<\/p>\n\n\n\n At this point, JumpCloud’s API elevates the user’s privileges, the user receives a notification to that effect, and Torq\u2019s Wait Operator will run until the allotted time elapses and then revoke the privileges.<\/p>\n\n\n\n As Derek explained, \u201cgroups\u201d are very powerful tools in the JumpCloud platform, especially as they are the go-to means for binding users to particular resources. <\/p>\n\n\n\n \u201cThere are a couple of ways users can get added to groups on JumpCloud,\u201d he said. \u201cFirst is to go to the user profile and directly add them to the groups they need to be in. You could also do the inverse by going into the groups and then selecting the users you want to add to them.\u201d<\/p>\n\n\n\n \u201cTorq interfaces with HR platforms such as Bamboo, Workday, HiBob, etc.,\u201d Aner explained. \u201cThe HR platforms’ payloads contain a few properties such as hiring manager details and the designated department, both of which Torq interacts with.\u201d<\/p>\n\n\n\n Thus, when a new user needs to be added to a JumpCloud group, Torq sends a message to the hiring manager asking them to approve the addition. If the manager does, Torq obtains the JumpCloud group ID. An API then uses the ID to enroll the user into the group.<\/p>\n\n\n\n Aner highlighted that this three-step workflow can be part of a larger onboarding process and can purely act as a nested workflow.<\/p>\n\n\n\n Derek sees just-in-time (JIT) and SSO access as a means of controlling who has access to an organization’s crown jewels, and when. He stated: \u201cThis is a process of a user making a request, verifying that the user is who they say they are, and granting them access to the applications for the duration of their task.\u201d<\/p>\n\n\n\n Aner explained how to perform this workflow: \u201cA Slack slash command \u2018\/getbackoffice<\/em>\u2019 triggers the workflow. Once Torq receives the commands, it calls JumpCloud’s API for validation of the user’s request, extracts the user’s alternate email, and sends a one-time token.\u201d<\/p>\n\n\n\n After validating the token, the user selects the access duration, and another call is put through to JumpCloud API to add the user to a specific group they need to be in to gain the requested access. If the call is successful, the user gets notified of their temporary addition to the group, and upon the expiration of the time selected, the user’s access is revoked.<\/p>\n\n\n\n Derek believes that failed logins are not necessarily always nefarious, but they could be a huge risk factor that may lead to bigger security problems. Thus, it is always helpful for admins to know when a user has attempted multiple failed logins so that they can investigate and take further action where necessary.<\/p>\n\n\n\n He explained that JumpCloud Directory Insights provide a look into whatever is going on in an organization\u2019s JumpCloud environment, including who has access to what and when they\u2019ve accessed it, log-on and log-off times, and failed login attempts. <\/p>\n\n\n\n He, however, points out that with Torq\u2019s integration, admins are able to set the threshold for failed logins and when they should be notified of having had a predetermined number of failed logins.<\/p>\n\n\n\n Aner described further how this works: \u201cOnce the workflow is triggered, Torq parallel steps queries to the IP reputation with Abuse IPDB and Virus Total. When the results are obtained, the user receives a Slack notification informing them that multiplied failed logins have been attempted on their behalf.\u201d<\/p>\n\n\n\n If the user confirms that these login attempts did in fact originate from them, the workflow ends. If not, then the security team gets notified, and they can choose to suspend the user’s JumpCloud and Google accounts and open a ticket to investigate the problem.<\/p>\n\n\n\n \u201cDevices are gateways to resources, and when a user has been verified and bound to a particular device, the device must be in compliance with policies implemented on it,\u201d Derek pointed out.<\/p>\n\n\n\n He described how the JumpCloud console enables admins to see the status of devices tied to specific policies. He also mentioned that through JumpCloud reports, admins can get aggregated information on policies like OS and browser patches.<\/p>\n\n\n\n He also noted that in some instances an admin might want to know at a moment’s notice what devices are noncompliant with a policy.<\/p>\n\n\n\n Aner explained how this can be achieved with Torq: \u201cFirst, Torq loops through the policies and checks their statuses as to whether they’re successful or not.\u201d The automation extracts failed policies and identifies the device(s) on which the policies are not in place. The device names are clickable and they lead to the device page on the JumpCloud console.<\/p>\n\n\n\n This, Derek highlighted, helps the IT admin go exactly where they need to take further action on the device.device.<\/p>\n\n\n\n According to Derek, a locked-out user is an unproductive user. He continued, ”When a user gets locked out of their device or account, the admin can go to the JumpCloud console, and switch the user’s account from ‘suspended’ to ‘activated.\u2019\u201d<\/p>\n\n\n\n Alternatively, Aner demonstrated a more efficient and secure method that required some user verification prior to re-activation. \u201cThe user is to execute a Slack slash command, ‘\/unlockme,’ <\/em>then complete certain security checks.\u201d <\/p>\n\n\n\n After these steps, Torq extracts the user’s alternate email address from JumpCloud and sends a message containing a one-time token to the address. The user is to then use the token for validating their identity and Torq calls on JumpCloud’s API to unlock the user.<\/p>\n\n\n\n As Aner pinpointed, the benefit of implementing these JumpCloud +Torq automations are as follows:<\/p>\n\n\n\n The JumpCloud and Torq integration provides IT admins with a wealth of automations that can streamline their IAM, security, and device management processes. The six practical use cases discussed in this article demonstrate how these automations are designed to ensure secure access to corporate resources while reducing endpoint risk for organizations.<\/p>\n\n\n\n If you would like to learn more about leveraging JumpCloud + Torq for your organization’s automation needs, you should absolutely check out the webinar here<\/a> and get visual examples of how these automations are implemented.<\/p>\n","protected":false},"excerpt":{"rendered":" IT admins often perform repetitive and time-consuming tasks. JumpCloud and Torq have integrated to provide IT admins with automations\u2026<\/p>\n","protected":false},"author":163,"featured_media":78840,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"categories":[23],"tags":[],"collection":[2777],"platform":[],"funnel_stage":[3015],"coauthors":[2640],"acf":[],"yoast_head":"\n6 Practical JumpCloud + Torq Use Cases<\/h2>\n\n\n\n
1. Request Elevation of Local Admin Privileges<\/h3>\n\n\n\n
2. Approve Group Membership for a New User<\/h3>\n\n\n\n
3. Grant Just-in-Time Access to a Single Sign-On (SSO) Application<\/h3>\n\n\n\n
4. Confirm Failed Logins<\/h3>\n\n\n\n
5. Investigate Devices’ Policy Compliance Status<\/h3>\n\n\n\n
6. Request User Account Unlock in JumpCloud<\/h3>\n\n\n\n
Gains of Implementing These Automations<\/h2>\n\n\n\n
\n
Streamline Your IT Stack with JumpCloud + Torq<\/h2>\n\n\n\n