JumpCloud has added support for conditional access policies to its namesake directory, giving IT teams the ability to restrict who can remotely access which services based on the device they are using or the network they connect from.
Company CTO Greg Keller said that extending the capabilities of the JumpCloud Directory makes it easier and much less expensive to implement a zero trust IT architecture.
The goal is to prevent, for example, remote employees from accessing their email using a PC that primarily runs games and might be infected with malware, said Keller.
At the same time, Keller noted individuals working in a local café could be prevented from accessing corporate applications over an insecure wireless network.
With many employees still working from home to combat the COVID-19 pandemic, many organizations have been re-evaluating their approach to security. Rather than implementing an entirely new network security architecture, Keller said it’s easier for the average IT administrator to extend the identity-based access controls provided by a directory. Those conditional access policies are available as part of the JumpCloud Platform Plus package or can be added to other packages the company currently makes available.
That approach achieves the primary objective without requiring organizations to invest in major network upgrades at a time when many organizations are trying to either reduce or curtail IT spending, he noted.
Even after the COVID-19 pandemic subsides, the number of employees accessing systems remotely is likely to stay high. IT security teams need to find a way to secure applications in a way that doesn’t result in end users looking for a workaround, as is often the case with virtual private networks (VPNs) today.
While there are many approaches involving, for example, software-defined wide area networks (SD-WANs) that can help solve that issue, there always will be a clear need for more control over how any given endpoint is employed. It’s not uncommon for end users to turn off VPNs when accessing cloud applications to improve their experience by eliminating the need for application traffic to be backhauled through a data center. That decision may not, however, conform to IT security policies that require network traffic to be inspected.
Regardless of how remote computing evolves, the days when IT teams might need to support only 10% of a base of employees working from home are over. Organizations now realize they can hire the talent they need anywhere in the world. It might be better on some days for individuals to come into the office, but overall productivity doesn’t suffer simply because someone is working remotely. In many cases, a physical office may no longer exist for an employee to return to, as organizations look to reduce real estate leasing costs.
It will be up to each individual security team to figure out how best to ultimately secure IT environments, but the one thing that is certain is there will be no going back now that a new normal has been firmly established.