Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Directory-as-a-Service lets you extend Active Directory to all those items AD can't support

John Dix | Jan. 6, 2015
JumpCloud's cloud-based alternative to Active Directory adds support for Macs, tablets, Linux servers and smartphones. A Q&A with JumpCloud CEO Rajat Bhargava.

At bigger companies it's going to be a challenge. That's why we do a couple of things. One is we have what we call an Active Directory Bridge. The bridge can actually work with AD as they have it today, but start to centrally control AWS, Mac devices, Linux devices, all those things.

So you can marry AD to the stuff that is out of reach today.

Right.  We bring it into the fold.  Active Directory is still the authoritative directory.  It just now can extend to everything else.  That's thing one.  Thing two is, in small organizations with 50 to a couple thousand people, they have an easier time moving. Either they don't have a directory or they're using Google Apps or they're using LDAP, so it's easier to switch them.  Or, if they're using AD, it may not be as deeply rooted as in the case you mentioned, and it's a little bit easier for them to pull out.

Over time, I think the number of things that will connect to AD will continue to decrease because you're switching to Gmail, you're switching to more web-based apps, so I think the trend works in our favor. There clearly will be some places that won't be interested in this approach, and some people are going to be scared about having the directory in the cloud, from a security perspective, so they won't do it either.

How do you address that?

We've done a bunch of things. One is, obviously we care a lot about encryption and making sure that the identities are hashed and controlled. We also have built a bunch of layers of network security, and we also create layers with an API key and a connect key. You've got to have a couple of identifiers to even auth with us. So if you've got an application or a server in the cloud they would get these keys, if you will, and without them, your users would never connect with us. We've taken multiple layers to protect everything that's based out in the cloud.

Will your tools stand up to compliance regulations?

We haven't certified ourselves yet, but we're in the process of doing that. In fact, we think we might be an easier alternative for people if they're dealing with compliance regulations such as PCI because then people wouldn't have to deal with all of that stuff themselves. They can just hire us to do it. Our vision long term is that the directory is actually more secure in the cloud because we have layers of security, but also because we will be able to detect when there's compromises on identities. That's part of our path. Today directories have no security built in to them. They might have encryption, but it's not like they detect when an identity has been compromised, and we think that's a pretty big opportunity for us.


Previous Page  1  2  3  4  5  6  Next Page 

Sign up for CIO Asia eNewsletters.