Interview: JumpCloud Senior Director Talks Overcoming Identity Challenges And Deploying Zero Trust

Expert Insights interviews Eric Avigdor, Senior Director of Product Management at JumpCloud, to discuss identity management challenges and the JumpCloud Open Directory Platform™.

JumpCloud is a market-leading identity provider, offering an Open Directory Platform designed to act as ‘one directory to rule them all’: a single place for IT admins to manage access for users, IT resources, devices, and connections, delivering key controls such as privileged access management (PAM), multi-factor authentication (MFA), single sign-on (SSO), and more.

As digital and cloud transformation has changed the security landscape, accelerated particularly by the COVID pandemic, the features designed to secure and protect the new security perimeter–our user identities–are critical. This is especially true in the context of security frameworks such as Zero Trust, which recommend that organizations enforce continuous user authentication and least privilege principles for all identities, both human and machine.

To discuss these themes and more, Expert Insights interviewed Eric Avigdor, Senior Director of Product Management at JumpCloud, who oversees JumpCloud’s Identity and Access Management (IAM) portfolio. Our interview covered how organizations can overcome challenges in the identity space, the JumpCloud Open Directory Platform, and Eric’s advice for organizations to improve their identity resilience. 

We’re continuing to see identity-related threats—such as compromised credentials—being the biggest factor driving successful data breaches. What are the biggest roadblocks companies are facing when it comes to securing the device and user authentication process?

Companies face multiple challenges when choosing an approach to secure device and user identity. One topic is the ability to control access to the device in a similar manner to controlling access to other IT resources. 

At the same time, multiple vendors are required to control access to different devices (Windows, Mac, Linux) as well as manage device OS versions, disk encryption, and content (apps). A mix of vendors/technologies is required to manage user identities across the entire IT infrastructure (provisioning, authorization, access controls) and a complex array of authentication factors makes this effort expensive and time-consuming.

User adoption is also driven by low user tolerance for technologies that do not deliver consumer look and feel. An additional significant challenge is the need to support BYOD both for employees as well as external users (contractors and suppliers).

JumpCloud is a global leading identity provider. How does JumpCloud solve these challenges, and what sets your solution apart in an increasingly crowded market space?

JumpCloud serves exactly these pain points by centrally managing user identities across multiple identity sources, managing devices and controlling access across all IT resources, and enforcing security requirements such as MFA, conditional access, and authorization.

The power of JumpCloud is that this is done from a single platform–a single pane of glass. This saves significant time and money, allowing small IT admin teams to operate efficiently and allowing quick, easy, and secure access for the company’s employees.

JumpCloud serves a unique space that includes small to medium-sized businesses (SMBs) and small to medium-sized enterprises (SMEs). This includes companies that range in size from 50 to 5000 employees. Companies at this range have unique IT needs that are very different from what you would see within the larger enterprise.

In order to address this market segment, IAM needs to be delivered with a significant amount of automation and simplicity that will enable very small IT teams to allow employee access quickly and securely. 

Through its Open Directory Platform, JumpCloud allows IT admins to easily onboard users, automatically provision user accounts, manage identity lifecycle, set up SSO, enforce MFA and conditional access policies, manage devices, and much more.

JumpCloud is an open cloud directory that allows access management both on-premises and in the cloud, across a multi-cloud and multi-platform environment (Windows, Mac, and Linux). The combination of leveraging JumpCloud’s directory for both identity, access, and device management is unique in this space and allows better security controls and simplified access management.

How are you continuing to develop your identity platform to keep up with the ever-increasing challenges in today’s turbulent threat landscape?

We are continuously working to expand JumpCloud’s Open Directory Platform by integrating with more identity sources (third party directories as well as HRIS platforms, like BambooHR and HiBob, among others). We are continuously expanding our SSO catalog to allow SSO to as many applications as possible. We expand automation of identity lifecycle through SCIM/JIT/custom integrations. 

We support many forms of authentication and are expanding our portfolio to include multiple passwordless authentication options, as well as the ability to authenticate with third party credentials. 

The big trend we’re seeing in the security industry today is the concept of Zero Trust. How important do you see the concept of Zero Trust for organizations, and where does JumpCloud’s platform fit into a Zero Trust strategy?  

Zero Trust is a key fundamental concept in the cloud era that is required in order to securely manage employee access to IT resources that are no longer on-premises behind a VPN and firewall. This becomes even more essential to JumpCloud’s target audience (SMB-SME) that are in many cases cloud-forward companies that are also remote-first. Initially companies try to funnel access through VPN and then redirect to the cloud, which both proves to be inefficient and creates a single point of failure, which is the exact opposite of the intention of cloud migration.

JumpCloud, as an open cloud directory, helps customers along their Zero Trust journey in a very unique way by allowing controls on both the user and device identities. This unique combination paired with JumpCloud’s group membership controls, authorization, MFA, and conditional access allows deploying IAM enabling concepts such as least-privilege as well as controlling access with MFA with deep granularity. Authentication can be allowed, denied, or step-up authentication can be required based on conditions and policies.

Most IT admin teams within the SMB/SME space struggle with bandwidth, drowning in day-to-day operations. Pairing that with limited expertise on concepts like Zero Trust makes it difficult to progress where larger enterprises have dedicated teams. JumpCloud makes it easy and seamless for SMB/SMEs to deploy access in a way that aligns with Zero Trust.

Finally, what is your advice to organizations struggling with challenges in authentication, access management and identity governance—what are the first steps they should be taking to stay protected?

There are several steps that make it easier to get started:

  1. Manage identities centrally in an open cloud directory
  2. Deploy SSO to as many environments as possible
  3. Leverage a single set of secure credentials for all IT resources
  4. Deploy MFA to the most critical applications (crown jewels) and then to all possible IT resources and apply conditional access to make access easier.