JumpCloud Acquires Stack Identity to Extend Access Management Reach
JumpCloud this week revealed it has acquired Stack Identity to fuel an effort to add identity security and access visibility capabilities to its directory.
Stack Identity developed a data analytics platform that enables organizations to apply security controls to services as they are accessed in real-time.
Joel Rennich, senior vice president for product management at JumpCloud, said that rather than continuing to offer that platform separately, JumpCloud will instead embed them within its Open Directory platform that many organizations already use to manage access.
That approach will enable JumpCloud to expand the reach of its platform to address identity governance and administration (IGA), privilege access management (PAM), identity security posture management (ISPM), identity threat detection and response (ITDR) and cloud infrastructure entitlement management (CIEM).
Those capabilities will then make it easier for organizations to analyze data to, for example, discover instances of shadow IT that create risks for the organization using a platform provided by a single vendor, noted Rennich.
JumpCloud has been making a case for a directory that provides an alternative to the widely used Microsoft Active Directory (AD) platform. As organizations look to implement zero-trust IT policies based on identity, many are starting to revisit the directory platforms they rely on to grant access to applications and services. The challenge is that existing directories such as Microsoft AD have been in place for decades, so replacing them when a large number of applications already rely on them to manage access and passwords requires significant effort.
However, as more organizations realize that identity management is at the core of any effort to adopt zero-trust IT policies, cybersecurity teams are looking for alternatives that make it simpler to, for example, implement multifactor authentication (MFA) in a way that enforces least privilege access, said Rennich.
A JumpCloud survey published this week finds that 85% would prefer to have a unified platform for managing devices, identities and access, with 60% identifying cybersecurity as their top challenge. In general, the survey also notes that cybersecurity is accounting for a larger percentage of the overall budget. Three quarters (75%) expect their cybersecurity budget to increase over the next 12 months, with nearly half (47%) allocating between 10-25% of their yearly IT budget toward cybersecurity, while 24% spend 26-50%, the survey finds.
In an era where most cybersecurity attacks now involve some method through which credentials were compromised, it’s clear more organizations need some way to reliably verify the identities of the individuals accessing their IT environments. The overall JumpCloud strategy is to make it simpler for organizations to streamline identity management using a single platform, which is also why JumpCloud last year acquired Resmo to extend its reach into the realm of software-as-a-service (SaaS) applications noted Rennich.
Ultimately, cybersecurity depends on the amount of data that can be collected and analyzed to identify threats. The challenge has always been finding a way to analyze all the data to mitigate those threats using the least number of tools and platforms possible. The issue, of course, is finding the initial funding needed to rationalize existing tools and platforms that may not provide the cybersecurity capabilities that organizations now require.
