{"id":76205,"date":"2023-06-05T13:12:09","date_gmt":"2023-06-05T17:12:09","guid":{"rendered":"https:\/\/jumpcloud.com\/?post_type=support&p=76205"},"modified":"2024-09-09T14:58:51","modified_gmt":"2024-09-09T18:58:51","slug":"frequently-asked-questions-jumpcloud-protect-admins","status":"publish","type":"support","link":"https:\/\/jumpcloud.com\/support\/frequently-asked-questions-jumpcloud-protect-admins","title":{"rendered":"FAQ for Admins: JumpCloud Protect"},"content":{"rendered":"\n

Your users can download the JumpCloud Protect\u00ae mobile app to secure their accounts using Multi-Factor Authentication (MFA). The app can be downloaded from the iOS App Store<\/a> or the Google Play Store<\/a>. Once your users have downloaded the app and successfully enrolled their devices, they can authenticate using Push MFA or Verification (TOTP) Code<\/a> MFA.<\/p>\n\n\n\n

This KB article will answer common questions and offer suggestions to troubleshoot any issues that may arise during your team\u2019s use of JumpCloud Protect.<\/p>\n\n\n\n

Frequent Questions and Answers<\/h2>\n\n\n\n
What software package is JumpCloud Protect included in? <\/a>
\n

JumpCloud Protect is available in all JumpCloud tiers.<\/p>\n<\/div><\/div><\/div>\n\n\n\n

Where can my users download JumpCloud Protect?<\/a>
\n

JumpCloud Protect can be downloaded from the iOS App Store<\/a> or the Google Play Store<\/a>.<\/p>\n<\/div><\/div><\/div>\n\n\n\n

What versions of Android and iOS does JumpCloud Protect support?<\/a>
\n

iOS 13 and above, and Android 8 and above. <\/p>\n<\/div><\/div><\/div>\n\n\n\n

Are there any countries where JumpCloud Protect can\u2019t be downloaded?<\/a>
\n

The JumpCloud Protect mobile app may not be available in restricted countries such as Iran, Cuba, Syria, Sudan, North Korea, Russia, Belarus, and the Crimean region. Google Playstore is blocked in China, so users will not be able to download JumpCloud Protect on Android devices there. Even when downloaded elsewhere, JumpCloud Protect push won’t work when traveling to certain countries.<\/p>\n<\/div><\/div><\/div>\n\n\n\n

Can my users enroll multiple devices at once? <\/a>
\n

No. Currently, users can only enroll one device at a time with JumpCloud Protect. If they get a new device, they should enroll the new device before wiping the old, or log in using another factor to enroll the new device. If those steps are missed they will need to contact admin for enrollment on the new device.<\/p>\n<\/div><\/div><\/div>\n\n\n\n

If my users enroll in Push MFA, are they automatically enrolled in Verification Code MFA?<\/a>
\n

No. Your users need to enroll in each type of MFA separately.<\/p>\n<\/div><\/div><\/div>\n\n\n\n

Can my users transfer Push MFA enrollment to another device? <\/a>
\n

No, enrollments cannot be transferred. Users must unenroll the old device before enrolling the new device through the JumpCloud User Portal. <\/p>\n<\/div><\/div><\/div>\n\n\n\n

What data does JumpCloud Protect collect?<\/a>
\n

JumpCloud Protect will collect certain diagnostic and usage data for troubleshooting issues and continuous app improvements. There is no user information collected.<\/p>\n\n\n\n

Users can opt out of diagnostic and usage data collection from the Settings<\/strong> > Privacy<\/strong> screen.<\/p>\n<\/div><\/div><\/div>\n\n\n\n

My users are already enrolled in Verification Code MFA through Google Authenticator\/Authy\/Duo. Can they continue to use that?<\/a>
\n

Yes. If you decide to use JumpCloud Protect for verification code MFA in the future, your users will need to enroll in it using the JumpCloud User Portal. Once they do so, their current enrollment will be reset and they will use JumpCloud Protect. <\/p>\n<\/div><\/div><\/div>\n\n\n\n

What security practices are employed by the JumpCloud Protect app?<\/a>
\n

JumpCloud Protect is highly secure and uses asymmetric key cryptography for security. When a device is enrolled and activated, an asymmetric key pair (public and private key) is generated. The private key is stored securely on the device while the public key is stored on JumpCloud\u2019s servers. The push requests and responses are then signed by the key pair making the transactions highly secure.The communication between the mobile app and JumpCloud\u2019s servers is encrypted. All communication is sent through https connections using TLS.<\/p>\n<\/div><\/div><\/div>\n\n\n\n

How can I protect users against Push Bombing and MFA Fatigue Risks?<\/a>
\n

Push Bombing is a hacking method of triggering multiple 2FA attempts using push notifications until the user may accept the request accidentally.  MFA Fatigue is the term for when, due to the multiple 2FA requests, a user accepts the fraudulent request out of frustration.<\/p>\n\n\n\n

Here are ways to protect your organization against such an attack: <\/p>\n\n\n\n