Remember when offices were neat, standardized affairs? Rows of cubicles and corner window offices were supplied with almost identical Windows desktops, and Microsoft Domain Controller was all the information technology department needed for identity management.
Then cloud and COVID exploded the environment. The already eroding standardization on Windows devices went out the window. Employees chose the operating system most efficient and convenient for the device they happened to be on in the place they were working. Centralized identity management became a thing of the past at the same time as cyberattacks skyrocketed.
“As we moved into this remote, now hybrid world, it wasn’t the office as the gating point anymore … the new perimeter, the new barrier for organizations, especially how they’re thinking about security, is the people’s identities behind that,” said Chase Doelling (pictured), principal strategist at JumpCloud Inc.
Doelling spoke with theCUBE industry analyst Lisa Martin in advance of the “Cybersecurity — Detect and Protect Against Threats” event, an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio, airing on Sept. 7. They discussed secure identity management in the hybrid workplace. (* Disclosure below.)
Monotone corporate culture takes on hybrid color, but security suffers
Three years on from the height of the pandemic shutdowns, 58% of the American workforce now work from home at least one day a week, according to McKinsey & Company’s “American Opportunity Survey,” and Gartner Inc. listed the “distributed enterprise” as a top trend for 2022. After being slowly eroded over the past two decades, it seems as if the monotone corporate culture lambasted in the movie “Office Space” is being permanently replaced by a hybrid workplace where employees communicate via video and location takes second place to efficiency, flexibility and resilience.
While this has long-term benefits, the immediate impact on the IT department has been a scramble to provide secure access to data and applications across multiple devices, operating systems and locations. It requires more than identity management through a centralized directory, as zero trust and levels of compliance must be considered to control unauthorized access and identity hijacking.
Addressing these needs, JumpCloud built its cloud-based Open Directory platform. The solution provides a single pane of glass view for users to manage identities and secure associated Mac, Linux or Windows devices no matter where they are in the world.
“We’ve really takingn, evolving and really kind of ripping apart this notion of what a directory was,” Doelling said. “We were thinking about not only managing that identity, but taking an open approach so no matter where the identity’s coming from we can integrate that into the platform. But then we’re also managing and securing those devices, which is often the most important piece.”
A lifecycle approach to identity management provides cross-departmental security
JumpCloud’s approach encompasses the entire lifecycle of an employee’s tenure at a company, which generally starts with an applicant’s resume being uploaded into the company’s systems and moves on through the onboarding process to official employment and day-to-day operations. Acknowledging this, the Open Directory platform was designed so that the human resources department, as well as IT, security and any other department, could access the employee’s identity management across the larger use case of “making work happen,” because when identity management is tightly integrated across departments on one platform it is more secure, according to Doelling.
“You’re not passing notes along … especially when it relates to something as important as someone’s identity, which is more often than not the most common attack vector for people to go after, because they know it’s the keys to the kingdom,” he stated.
JumpCloud is an Amazon Web Services Inc. preferred identity and single-sign-on provider. This gives startups access to secure identity management services from the very beginning of their journey. The company also differentiates with its open stance, which allows it to avoid vendor lock-in and operate across operating systems and in multiple cloud or on-premises environments.
“We’re really looking into making sure that we can work within your environment as it stands today or where you want to migrate in the future. No matter what you’re operating on, it all comes back from the same dashboard,” Doelling said.
The Open Directory platform also works with many protocols, including LDAP, RADIUS, SAML, SCIM, and OpenID Connect, within a company’s IT and security stack, as well as managed services providers if applicable.
“We are able to tie in all those different pieces, so now, all of a sudden, it’s not just one platform, but you have your whole business tied into it, [and] that gives you some flexibility to evolve,” Doelling stated.
JumpCloud’s goal is to create the flexibility for organizations to make their own decisions, not lock them into a walled garden.
“Any size company that you’re at, we can help support all of those different facets in bringing in those different types of technologies all into one roof,” Doelling said.
Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s pre-event coverage of the “Cybersecurity — Detect and Protect Against Threats” event:
(* Disclosure: JumpCloud Inc. sponsored this segment of theCUBE. Neither JumpCloud nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.