JumpCloud adds conditional access policies to cloud-based Directory Platform
JumpCloud is making it easier for organizations and MSPs to adopt zero-trust security models for remote workforces.
The Lowdown: The 8-year-old company on Wednesday announced that it’s adding conditional access policies to its cloud-based Directory Platform to ensure that only those users from known networks and devices and with appropriate privileges get access to company resources.
The Details: JumpCloud’s platform provides identity and access control, delivering authentication and authorization to employee devices, networks, and on-premises and cloud applications. The addition of conditional access capabilities brings policy-driven security checks that ensure authentications are verified through trust networks and devices that the organization manages.
The conditional access policies include components to support a zero-trust model, including:
> Identity trust: The core directory security manages user identities, including credential control and revocation, two-factor verification, and contextual data to ensure the user has appropriate levels of permission when accessing corporate resources.
> Network trust: Makes sure that authentication requests are only allowed from specific IP addresses or ranges of addresses.
> Device trust: Ensures that employees access resources only from devices that are managed by the company and secured through JumpCloud’s mobile device management (MDM) and agent-based functions.
> Policy-driven access control: Control policies tie together the new identity, network, and device trust functions, providing a layered approach that enforces multi-factor authentication (MFA) when networks and devices are deviating from gating policies.
The conditional access policies are available immediately as part of the JumpCloud Platform Plus package. They also can be added to other packages.
The Impact: The increasing sophistication of cyberattacks, expanding government regulations around security and privacy, and the rise of the Internet of Things (IoT) are among the drivers behind a growing market for zero-trust capabilities. The rapid shift to work-from-home models driven by the COVID-19 pandemic also is playing a role. Adroit Research expects the global market to reach $38 billion by 2025, growing an average of 17% a year. The cost of such technologies is holding back wide adoption among small and midsize enterprises, which opens opportunities to MSPs and other channel partners.
Background: The introduction of the conditional access capabilities comes a month after Louisville, Colorado-based JumpCloud raised $75 million in its latest funding round, bringing the total raised since its founding in 2012 to $165 million.
The Buzz: “Our clients have a wide range of identity management needs, made even more complex with a global distribution of users, devices, and the networks they’re signing onto,” said Brian Coleman, founder of MatchstickBHM. “With JumpCloud’s new Conditional Access policies, we can strengthen our zero-trust posture with trusted identity, network, and device, and manage it through a single admin portal.”