Dive into the enlightening conversation between ITSP Magazine and Chase Doling of JumpCloud, exploring the pivotal role of identity management in enhancing organizational security and operational efficiency in today's hybrid cloud environments.
In an enlightening discussion on ITSP Magazine, Sean Martin, a seasoned voice in the technology space, dives into the evolving realm of identity management with Chase Doelling, Principal Strategist at JumpCloud. This conversation sheds light on the operational challenges organizations face in today's complex digital landscapes and how identity management stands at the core of addressing these issues. Below, we unpack the essentials of this dialogue, offering insights into identity management's current state, its implications for businesses, and how JumpCloud is pioneering solutions to streamline and secure identity management.
The Evolution of Identity Management and Its Current Challenges
The conversation begins with an exploration of the journey to the present state of identity management, particularly in the context of hybrid cloud environments. Sean and Chase navigate the history and complexities that have led to the current landscape, emphasizing how identity management has become central to enabling business operations, securing revenue, protecting against cyber threats, and facilitating growth.
Chase Doelling articulates the paradox of identity management: when it's functioning seamlessly, it's virtually invisible to organizations, yet it's fundamental to the operational, security, and business continuity of any organization. The discussion highlights how the COVID-19 pandemic has accelerated the shift toward remote work, intensifying the focus on identity management as organizations navigate the challenges of a global, hybrid workforce.
The Integral Role of Identity in Modern Organizations
The conversation shifts to how identity management, viewed as the hub around which all tech solutions revolve, has evolved. Over the years, the perception of identity management has oscillated between being a centerpiece and receding into the backdrop. However, with increasing cybersecurity threats and the adoption of multi-cloud environments, identity management is now more crucial than ever.
Doelling vividly illustrates the concept of identity being at the core of operational enablement, drawing parallels to how it grants access and interconnectivity within the organizational ecosystem. This section of the dialogue underscores the critical nature of identity management in enabling access to resources, ensuring security, and fostering operational efficiency.
JumpCloud's Role in Shaping the Future of Identity Management
As the discussion unfolds, the spotlight turns to JumpCloud and its innovative approach to identity management. Sean Martin probes into how JumpCloud's solutions are designed to address the multifaceted challenges businesses face today. Chase Doelling provides a comprehensive overview of JumpCloud's role in redefining identity management, detailing how their platform aids organizations in overcoming operational hurdles through seamless identity and access management across cloud environments.
JumpCloud's solution is presented as a robust platform that integrates digital identity management with device management, offering a unified approach to secure access across various applications and systems. This integration is crucial for enabling passwordless access, simplifying onboarding and offboarding processes, and enhancing overall security posture.
Evolving with Identity Management: Insights and Future Directions
In concluding the conversation, Doelling emphasizes the importance of a proactive and curious mindset towards identity management. He encourages organizations to re-evaluate their approach to identity management, considering its central role in ensuring operational resilience, security, and scalability. The discussion ends with a forward-looking perspective, highlighting the need for organizations to adapt and evolve with the trends in identity management to stay competitive and secure in the digital age.
This insightful episode with Chase Doelling not only highlights the critical role of identity management in today's digital landscape but also showcases how JumpCloud is at the forefront of innovating solutions that enable businesses to navigate the complexities of modern IT environments. As organizations continue to face evolving challenges, adopting a cohesive and integrated approach to identity management will be key to ensuring operational efficiency, security, and business growth in 2024 and beyond.
Note: This story contains promotional content. Learn more.
Guest: Chase Doelling, Principal Strategist, JumpCloud [@JumpCloud]
On LinkedIn | https://www.linkedin.com/in/chasedoelling/
Resources
Learn more about JumpCloud and their offering: https://itspm.ag/jumpcloud-pg7z
Catch more stories from JumpCloud at https://www.itspmagazine.com/directory/jumpcloud
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
Simplifying Identity Management in 2024: A Deep Dive into Latest Research about IT and the Role of MSPs | A JumpCloud Brand Story with Chase Doelling
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
[00:00:00] Sean Martin: And hello, everybody. You're very welcome to a new brand story here on ITSP Magazine, where we get to talk about really cool technologies that help organizations solve some of their operational challenges. And today we're going to look at identity management and that in the context of multi hybrid cloud environments and solutions.
What does that even mean? Right? How did we arrive at this point? And, uh, I'm thrilled to have Chase Doling on. He's the, uh, Principal Strategist at JumpCloud. Chase, thanks for joining me.
[00:00:37] Chase Doelling: Perfect one. Thank you so much for having me. Yes, it will be an exciting topic to dive into, and especially right. How did we get here in 2024 with all these fun problems?
We haven't talked about that.
[00:00:46] Sean Martin: I know we do it to ourselves. Hopefully we can get ourselves out of the, out of the pickle we put ourselves in. Um, but I joke a little bit, but the ultimate goal is to enable the business to operate and to generate revenue and hopefully protect that revenue and Identity is at the core of a lot of that which we're going to get into a lot today.
I'm sure Before we do that though a few words about who Chase is. What have you been up to? Maybe describe a little bit about your role at JumpCloud as well.
[00:01:18] Chase Doelling: Yeah, absolutely. So I I have an interesting role where I kind of sit a bunch across several different teams, especially across our go to market, help support our strategic alliances.
Um, but at the end of the day, it's kind of help telling the JumpCloud story and making sure that it fits within, you know, multiple worldwide organizations as they grow and adopt and think about. You know, things like their digital identity. How does it translate? How does it get them in the cloud across devices?
All those different aspects that we come into it. Um, And i've spent, you know, my whole career has been in venture backed startups touching across different elements of security identity Um api orchestration all sorts of fun, right that kind of ultimately leads into this Um, but over that time period you start to realize well, there is a core motion right and if you can get identity Correct, right?
It helps Prevent so many other headaches that you might have both internally as well as externally when you're thinking about reducing, um, that security, um, surface area, right? And from your attacks.
[00:02:16] Sean Martin: Yeah, and we can easily paint a picture where something sits at the center of the hub. Um, It could be data, it could be applications, it could be whatever, but there's no question, identity, it's, it really sits at the center, at least for me, because it, it's what grants access to all these different things, to each other, um, and I don't know, I, I just, when I think about identity management, I think it kind of goes through this cycle where it's a big deal, and then it kind of goes in the background, and it's a big deal, and kind of goes in the background.
I've seen this happen over the years. 20, 30 years that I've been in this space. Where, where do we sit right now with respect to identity and And what kind of challenges have emerged?
[00:03:03] Chase Doelling: You know, it, it, it's a paradox, right? Because when identity works well, you don't think about it, right? The whole goal, as you mentioned, like organizations, it's not to wake up and worry about, Oh man, do I have my configurations?
Man, like, are we set there? It's no, I want to build and work on and grow the organization, right? I just want to get work done. That's what I want to do. And so I want to log in. I want to go from there. And, and so we're enabling more technologies to allow people to get to that point. I just want to sign in.
I want to leverage certs. I want to use all these different pieces. So we actually, I don't have to think about it, right? Like the best identity management is like when you get it out of the way. However, as an industry, we're seeing more and more focus on identity. And primarily that's becoming, cause there's so many more attacks, right?
Especially basically COVID started the golden age of cyber attacks, right? Everyone's, everyone's working remotely or started to go within that motion. And then all of a sudden. The access question came up right? Oh, great. Now I have a global hybrid workforce. Are they coming back into the office? Where are they going?
We were, you know, and you have a lot of organizations that started fully remote, right? And continue to be so. And the identity remains at the crucial point because it is the one piece that no matter where in the world I am, right? It's my challenge and assertion back into those corporate resources to say, yeah, I can actually access those things.
Like I want to get into it. I am who I say I am, and I can go from there. But that is so valuable, especially from an attacker's perspective, which is why you see so many more attacks that are identity focused, where it's, yes, I want to continue to fish you and kind of get as much as I can out of you. And there's still a lot of those.
But really you're seeing a lot more sophisticated campaigns to come and say, great, now I want to own kind of these admin privileges. And now that's how I want to operate in and around the organization. Um, so we're, we're at that crucial dynamic, right? Where it's like, I want to make life easy, but I also know that it is top of mind for many IT and security professionals in terms of how I think about maintaining, you know, good baseline of security for within my organization.
[00:05:01] Sean Martin: So I'm going to, I'm going to date myself here. And the, the gray. Would probably do it anyway, but, uh, I can recall back in the day where we'd have windows and network scripts that when you logged in, all this magic had to happen to connect multiple on premises, different operating systems, different networking operating environments together.
Sometimes through AD, sometimes through network stuff, but, and then you add, I don't know, your mail system with some other, other thing you had to somehow connect to that. I can, that seems simple now, compared to what we have.
[00:05:40] Chase Doelling: Yeah, it's good news, bad news, right? Good news is you look amazingly young. Bad news is there's actually a lot of organizations that are still relying on them.
Right. In terms of traditional AD setups going in through, make sure you got a VPN through all those different systems. And that's actually what gets a lot of organizations in trouble is because it's still pretty complex. Like you, that's, that's where that area of misconfiguration mismanagement comes in.
And there's still a ton of organizations that are relying on. Kind of legacy on prem systems and when they think about identity and part of it is like hey I just I don't want to touch it and because it's really hard and complex and so But at the same time it's the most attacked vector that any organization faces And so now you're kind of facing this dilemma now of like great if i'm a modern organization I'm going to move away from that stack.
And now even traditional organizations are like, okay, when's enough, enough. Like there's, there's so many more resources now available that I need to stop kind of working within the confines of an Active Directory force, whatever that might be. To making sure that I can adopt those resources, right. And making sure that again, the organization can adopt the types of technologies that it needs to in order to compete in 2024 and beyond.
[00:06:51] Sean Martin: So we're, we're probably preaching a bit to the choir here, folks listening to this, but I really want to drive the point home where identity is kind of enabling all these different things to happen and the teams involved to ensure that it's all. Set properly and manage properly and monitor properly. I mean, because ultimately it's about the business workflow So you have, you have employees, you have partners, you have temporary contractors, you have customers, perhaps, um, that's all people you have devices, which we'll probably touch on here in a second.
But underneath that, you have IT operations, multiple environments there. Perhaps you have the security operations to, to secure it all. You have teams, right? That have to know this stuff and get training and all that. And then of course, nothing's always shiny, fancy and new. You have. I don't know. Maybe there's some network still lying around somewhere that you have to, you have to fold in and because there's a business, business process that requires it still.
So talk to me a little bit about how organizations are starting to analyze. The impact identity has on all this stuff and where they're starting to make some changes to simplify things, reduce exposure, improve their posture, help their teams not pull their hair out. Um, what, what's going on there?
[00:08:18] Chase Doelling: Yeah, I think for a lot of us, it really, You know, the, the overused and over coined term, but digital transformation.
Right. And, and that was really the first motion where you're like, okay, I'm now going to rely on someone else's services in the cloud to run my core operations of compute. Right. And so like, that's kind of where I'm and over time, more and more organizations have gotten more comfortable with the cloud, um, or have adopted it in certain ways and you slowly move down this, this kind of stack and then kind of the last piece there is.
The last server in the closet, right, is around your identity. And you're like, okay, now can I finally move that? And there's more of an impetus to do this now because now all the resources are outside the company, really. Like if I go in the office, like there's not much for me there except for some monitors, right?
Because even most of our infrastructure is global. It's now all across and it no longer is kind of this lock and key scenario that I think most people have within their minds, right? We've kind of moved from this domain area where you kind of walk into an office. Hey, everything's there and you leave the office and everything is still there.
Now it's all over. It's 24 7 and it's truly a domain less. Kind of enterprise operation. The crux of that is now how Chase, do I get into all the different things? Right. And now I have to do that digitally. And now that element of digital trust, it needs to be heightened across because then also, you know, what you're playing against is also more like, there's a lot more IP.
There's a lot more at stake, especially since it's living in all these other different systems. And so now organizations are really approaching it from that perspective of like, okay, now it's actually safer. Right. To have my identity in the cloud, because now you don't have to do as much of translation.
And to your earlier point, in terms of understanding what people are actually doing, like there's an auditing and monitoring and management scenario that comes into play. And so while those move to the cloud, that actually allows those types of systems and those types of teams to move faster because they're able to see it in real time.
They can take action. Um, and then also, as you mentioned, kind of merging that identity down into the device level, because that's really kind of the, the. The symbiosis that we have here in terms of, you know, what I'm calling it on today, it's like, this is kind of the only piece of corporate equipment that most people have in kind of this modern work style.
And so how do you make sure that that is secure along with a secure identity that gives you access into all the right things. And the tricky part is nothing more right. And making sure that you have those, those access settings.
[00:10:49] Sean Martin: And, uh, what is it, access creep? That's probably not the right word, but yeah, the shift, the drift, whatever you pick your favorite, it looks different tomorrow than it does today.
Um, describe to me what cloud identity looks like. I mean, I can, I can picture it in, in a traditional Active Directory. Um, but I, I can tell you that my, my password safe is a mess, right? They're all identities for me, all this stuff that I access all the time. So I'm, uh, what's that, what's that look like for organizations?
[00:11:26] Chase Doelling: You know, it's the exact same with a better AI. No, I joke. It, um, there is so many more nuances. And again, we're trying to manage this, um, parallel world in terms of the identity that you see as a user, right? As you kind of come in and say, I actually want it to be as close to one as possible, right? Cause it's like, that makes my life easier because one of the other elements that when you move your identity kind of in the cloud is you actually start to what I call kind of get rid of your identity schizophrenia.
Because even then you'd like, I have 10 different logins for all these different resources and it's all across the area. And then you look at from the other side of the fence, from IT security operations. Great. Now that's 10 other identities that I have to kind of mishmash and integrate and kind of have a sense of what they're truly getting into.
And so for both sides of that coin, there's really this motion to kind of consolidate all those different identities and into one kind of truly secure managed identity, because that allows you better visibility, it reduces a lot of the shadow IT that you start to see within organizations. And so that is the goal.
And so behind the scenes, right from, I mean, take the user out of the way, And kind of look under the covers. There's a whole lot going on to making sure that that can actually come into what that means within an organization. And so I guess to just kind of walk you through a scenario, you know, Chase, great day one, I just joined an organization.
Um, but actually, you know, my digital identity and kind of who I have and proof of self goes beyond kind of making sure I got driver's license, passports, and W2s and all those other pieces. Cause really my goal is. Access into the work. And my digital identity has actually been created long before that, right?
And so either through applicant tracking systems when I first got into the job, and then you go into the HR system and now you're hired, but then it's great. Now I'm provisioning that into either Google Workspace or Microsoft 365. It's getting provisioned to the devices. What about all the single sign on apps?
Okay, now that needs to be challenged. And so I have some MFA biometrics options that come into it. So, Even though you're joining the organization already, your, your, your digital identity starts to spread really quickly, which is good because it allows you to be predictable and productive, but it's also bad because now if it's not done in an orchestrated or timely manner, then you get this spread, right?
And then it becomes a mess later, especially from an offboarding perspective, when someone leaves the organization and say, great, okay. I think we got eight out of ten, right? Hopefully we didn't get miss the critical ones, um, in terms of that off boarding workflow. And so the more that you can get to a one to one ratio, that is actually the most secure when you think about kind of all the different elements of an identity lifecycle management as you start to go through some of those pieces.
And so that's, that's the goal, right? Is to really get it down to one, because it's more manageable, it's more automatic, and And it's more auditable, which is, you know, the favorite piece right now, because there's a lot of organizations that are really going after kind of ISO and SOC2 and other compliance frameworks, or even, um, cyber insurance, where you have a little bit more checks and balances than most organizations are used to, and that's really helping them accelerate from their security perspective.
[00:14:30] Sean Martin: So what are some of the triggers, life events at work that, uh, Kind of prompt, I don't know, is it security teams, IT teams, both together to say, we need to change this. It's either gotten out of hand or we're about to embark on this new project. And that's not going to scale. It's going to be, performance is going to lag, whatever.
Paint a few or share a few stories where organizations say, now's, now's the time to kind of scrap the legacy stuff and, and, Oh, let's transform, let's transform our identity.
[00:15:13] Chase Doelling: Um, I think there's a couple of different ways that we can approach that. And I'll kind of, I'll kind of share kind of two, maybe a couple more anecdotes around kind of more external, right.
And say, Hey, you know, there's a lot of things going on in the world. Um, and then also I'd say internal that our company focus that we start to see and kind of, and, and, you know, there's hundreds more, right. As we can kind of look across this, but I think everyone can start to relate at least a little bit.
Um, the first, when you look at. External adjustments and then say, great, what's going on in the world. One, everyone and their mothers talking about AI. We also have, you know, higher interest rates. So things are more expensive. Um, there's workers everywhere now, because I think, you know, it used to be, Hey, we got into remote work and that was a really big challenge.
But now a couple of years later, I think everyone's really kind of adopted it. And now you're actually seeing more organizations kind of accelerating it. So there's a lot more global talent that is available. And each one of those comes with different nuances where. The teams are looking at, okay, can we bring on the right people in the right places to access those right things?
And how much does it cost, right? Is there an opportunity to bring in platforms where you're able to consolidate multiple different point solutions that you might have paid for, right? So there might be an economic driver where you're looking at say, great, here's how I want to do that. Another one is, um, in terms of just general security threats.
There's, there's a lot more going on. Um, there's a lot more organizations that have either been attacked, been exposed, um, or there's this external threats that are coming in and say, okay, now's the time, right? If it, if it hasn't happened already, it's going to happen soon. So what are some of the actions that we need to take?
Those are some of the moments that you kind of start to get, get yourself off the couch and really start to evaluate truly kind of what's out there in the market and what are the changes that me and my team can start to make to be ready and adopt. As you know, we move forward in the world. The other aspect I would say is like, let's imagine you're part of organization that's super successful.
Let's, let's play that out. Great. You know, we're, we raised some funding, we're growing really fast. We went from a hundred people to 500 people. And now we're tracking towards a thousand. Well, that becomes a nightmare for many identity and security teams. Cause now you have an influx of people that are all trying to access the same things at once.
And now automatically you have to scale. All these different aspects around your organization and not only do you have to do that, you also kind of have to up level it a little bit, right? Because you're building brand, you have a lot more equity here in the world. And those are some pieces that you really say, okay, great.
Now, what are the types of software and processes that I need to adopt? Not only to kind of manage what I have now, but to be able to But also continue to grow. Another interesting nuance around that is great. Maybe it's around M and A. So you acquire another organization that has different settings, right?
They were on a different stack. They're kind of doing different things. So now how are you able to manage their identity? Kind of bring it into your existing identity, all while making sure that the rest of this goes. And so there's a couple different nuances even within that, where you start to think about, okay, again, how can I start to consolidate my Not only what I'm leveraging across my product stack to making sure that I don't have to integrate 10 different things all into each other, but then also from an identity perspective, say, how can I start to making sure that people have access to what they need, even though we have, you know, we might have purchased a bunch either through acquisition or just organic growth.
Now it's time to come into the fold.
[00:18:33] Sean Martin: And I know, thank you for that. I know, um, thank you. Each environment's different, um, different processes, different tech stacks, whatnot. But where do you find the most success when, where, where do. Where do organizations typically start where you see they have the most success in the, the updating of their, of their identity program, um, kind of, I'm like, trying to frame and scope where they begin their journey.
[00:19:03] Chase Doelling: You know, in, I think one of the pieces that I come back to a lot, or at least we see it, it really comes back into a mentality. In terms of how you think about things. And I would say that the older mentality of kind of, okay, great. We'll either just, you know, we'll mention Microsoft here, but just buy all the Microsoft stuff, great.
Implement it and kind of go from there because we've done it for the last 20 years. Right. And so there's a, there's a rinse and repeat motion and kind of other things, uh, which is fine. Right. But if you want to evolve and be ready for what's next, then you need a little bit more of a different approach in terms of, okay.
Let's get back to some first principles of like, what do I really need to operate? I need to operate the device in front of me. I need to operate the website behind it. I need to operate the applications behind that. Um, and making sure that those access patterns are set up for success within my organization.
And so I think it's really kind of stepping back and say, Oh, great. I don't need to buy everything across the shelf, but what is the most ideal scenario? And so that way I can just enable people to work. And so I think kind of bringing it back down into that level really kind of sets organizations apart.
And then so that's really kind of where you have more organizations that look at and say, great, I get it. I mean, you know, the identity is tied to the device. I have my security settings set up in place. I have all the factors of authentication that I deem fit, right? Some people like to go overkill.
Sometimes you don't need it as much. And so it's really finding that balance where it allows you to move as fast as possible, but as secure as possible. And if you have that type of mentality, then that's really where you start to go discover, get curious. What else can you add into your organization that moves a little bit faster versus, well, the rest of my laurels are kind of, I did this, you know, last organization I was in, right?
And so if you have kind of more of a rinse and repeat mentality, especially for kind of rotating CISOs or other pieces where it's like, no, this is what I'm comfortable with. I'm going to go, um, that's fine. But your other peers will start to outpace you because then they're starting to look at other pieces.
Bringing that in and, you know, AI is just another accelerant on that, right? Another topic. And you say, great, how do I want to add that in? But it's, it's always a part of five other products that you're thinking about or operating within your business to making sure that it's stable. So that's, that's usually where I'll see most of our customers kind of outpace.
And then it really kind of cuts across industries, geos, kind of everything else, because we have a lot of. Um, a global expanding customer base. And we, yeah, I'd say multiple different industries, which is frustrating for me because I'm, I'm a marketing nerd and you can't pick a vertical. Um, but it goes to show you how broad and how important managing a secure identity, merging of the device has truly become within modern organizations.
[00:21:42] Sean Martin: Yeah. And then the key, if you ask the business leader here is that they, they want to reduce friction to for speaking specifically to employees so they can do their work. Right. So you can deliver the product and service to the customer and which means I want as little, so I want, I want a better experience for the employees and I don't want a bunch of friction or downtime as we arrive there.
So I'm just thinking one of the, one of the things we talked about before we started recording was they, they got the password lists. Right. Achieves the one, I don't know how it impacts the, well, we have to update all our apps and all our other processes. So talk to me about how some of your customers kind of work through that to achieve the ultimate goal of doing it in a way that doesn't, Dramatically impact the business.
[00:22:43] Chase Doelling: It has been, I'd say it's been a journey. If you think about providing access and getting it the right way. And so I'd say most of us, great. You start out and it's like, great. In order to get that, you need a password. Like, ah, okay, fine. Like it wasn't our favorite, but then we had sticky notes and hide them around there and then all of a sudden great password managers came out and like, okay, cool.
Now I can, it's still. It helps them remember faster, but it didn't solve the underlying problem. Which is, that's kind of the only other access and kind of, when you think about the assurance that you need for someone who's authenticating into it. And you know, it's, and it gave rise to a lot of different brute force attacks and kind of all the things.
Okay. Now we come along and say, well, we're going to have more factors of authentication, right? Whether that's, um, temporary one time passcodes, whether it's push, all those different pieces. Okay, now we'll add that into it. And so most organizations say, great, we'll have that and that and that. And so there's been this notion that every piece of security that you add in, it adds friction, right?
And so as a user, like, I don't want to do that. I don't need to sign in 40, 000 times. I'm just trying to get this document out, or I need to look up this thing, right? And it gets in the way. And throughout that, you know, I would say, um, password and MFA fatigue really becomes real people like that as part of my daily operation.
And I'm, I don't want to deal with it anymore, but that is what I signed up for in order to operate within the confines of a secure organization. Now, I think we've finally gotten to the point where you're starting to see it with passwordless, passkeys, and some other elements where you have a combination Like biometrics.
And so even within our own, um, IT trends report, we saw the adoption of biometrics just continues to grow because It's easy for everyone, right? And they're like, yep, great. I'll do my fingerprint. I'm on a Mac, right? Or for those on Windows, you're like, can you, like, I'm just gonna do it. I just need to get in.
I don't care how it does it. I just want to get in. And so now that you have a combination of technologies, including about metrics and certs and, and other pieces that you're relying on that identity, you're finally removing a lot of that friction while maintaining a very secure kind of under the hood experience.
Right. And so even though it feels like magic to the users. There's enough underneath where now I understand that it's just me authenticating in and it's trackable, right? I can kind of go back and I can revoke it. It's not it, and it feels like you have this open door where you're able to go in and operate as a user, but behind the scenes, it's more secure, right?
Not unlike going into, let's say like the new Amazon convenience, you can go and grab some stuff and walk out. It's like, cool, that was super easy. It's just like robbing the place. But underneath, you know that, Hey, it's tracking me. It's understanding it's charging me for these things. And going from that, it's the same type of mentality when you're thinking about your corporate identity, where I think we're finally getting to that merging point where it reduces a lot of the fatigue and the friction while keeping organizations and actually up leveling a lot of different areas where they might've not had that before.
[00:25:42] Sean Martin: I love it. And, uh, I want to get into how you and the rest of the JumpCloud team Help with this because I'm looking at, uh, one of the pages on your website is this connect your employees to any resource from any location from a trusted device with one secure identity. And then the key point at the end is all from the cloud.
So there's a lot of operational stuff at that last point, but describe to me how the jump cloud stack, if you will, solution fits into an organization and how you help them achieve success here with managing identities.
[00:26:20] Chase Doelling: Yeah, absolutely. Um, so trying to keep mostly at, at, you know, industry levels, but we'll, we'll zoom into JumpCloud for a little bit because I do think we're a little bit special within that where we are one of the few organizations I'd say outside of Microsoft that is able to combine your digital identity, right?
When you think about accessing all those different elements and bringing it down along with your device identity. Yeah, absolutely. And once you have that merger pattern, some magic starts to happen, especially as you start to think about unlocking opportunities like passwordless. Because then not only are we looking after managing your core kind of cloud directory identity, but then also access into all those different apps, right?
And then behind that, we're actually provisioning a lot of those accounts and deprovisioning. So from an onboarding and offboarding perspective, makes life a lot easier. And the other element that makes us more unique is that we're managing all different types of devices. So Mac, Windows, Linux, iOS, Android, all of those are being brought into one console.
So now all of a sudden, great, I can manage identity and give my users device choice, right? So if you have marketing people on Macs and finance people on Windows, doesn't matter. I can still have secure policies and reporting across the board of what that looks like. And the best part is, as you mentioned, it's all from the cloud.
We tried to do this driving around in a food cart, but that didn't work, so we adopted cloud technologies. Um, but it allows organizations to operate no matter where they are and provide that level of access and, and also give organizations the flexibility to say, hey, I want more conditional access there.
I want to restrict those types of things, um, and go. piece. And then the last element that really comes together is kind of this passwordless access motion. Because we are managing your cloud identity, because we're managing that device identity, now we understand the biometrics and the certificates behind that.
Now we're actually also managing that browser that you're getting into. And then finally all the different SSO applications behind it. So now you think about opening up the laptop, great I hit my fingerprint and that allows me to authenticate into SSO and then kind of go from anywhere to anywhere. I didn't have to do anything, right?
And it's like, great. It was like one finger and a click, and now I can get into Salesforce, run reports or whatever it might be to be in order for me to operate as a modern knowledge worker. And you kind of take location out of that, right? And it really allows organizations just operate where they are because you have those conditions in the back end where it's like, well, that IP range looks a little funny, or you're kind of doing upset.
Like there's the monitoring, right? That the cloud also provides, and it provides those terms. A lot more security and sense in terms of truly what users are doing across the organization to allow them to adopt and empower those employees a little bit more.
[00:29:02] Sean Martin: So I, I wrote down some, I'll call them attributes, unification, consolidation, those weren't in the same, but, uh, visibility policies with controls, uh, scalability, you mentioned ability to audit and monitor this stuff.
Those are all attributes of, for me in any way, that have a program, uh, That is set to set to succeed. But what I want you to do for me is kind of put a layer around that and describe what success means for organizations. And what I'm looking for here is what are some of the outcomes, right? We, we embark on this journey to do what, um, And we measure that by this.
[00:29:51] Chase Doelling: Yeah. You know, I just move fast, make money and then, you know, everyone wins a day. But I, I think using those themes, right. When you think about unification, consolidation, kind of all those pieces, I'd say I'll break it down into what success looks like kind of across the different. Teams and departments, and then also as the organization as itself.
And so I would say from a security perspective, right. And you're looking at that great. Now I want to unify my stack and kind of centralize that because when I do that, that provides me one better visibility across truly what's happening that allows me to take action, but then also control. Cause now I can implement all those different types of policies that are unified across the organization, right?
Now I know that my baseline level of security continues to grow up. Right. And I can add in more and more there. Then I would say also from, you know, even from the finance department, right? So this is another area that most people don't look at, but when you're bringing in a platform approach like this, you're actually consolidating another, like anywhere from three to five different vendors is kind of what we find in terms of great, now we can actually manage the device.
So you don't need something else for that. Um, SSO. Great. You don't need someone else for that. Uh, MFA. Great. You don't need someone else for that. Uh, radius authentication is another one that kind of comes into that. And then all cloud authentication, patch updates, um, remote assist, right? So as users are getting into, how do I help them out if I am working remotely?
So all those different areas, you're actually consolidating your tech stack, not only in terms of visibility, but But also across costs, right? So now it's great. Now there's a whole bunch of others that I don't have to worry about, you know, in different renewal cycles and the other pieces, you know, and making sure that all each one of those is integrated into each other.
So that way you can still kind of see what's going on. And so those are, I'd say outcomes for success that we see a lot within our customer base is just, let's up level our baseline security because we're able to implement this platform across everything. And so. And while we're doing that, we're actually lowering our total cost of ownership in order to do that.
And so that's the ultimate win win that we find for most people is like, I want to be more secure with less money. Like, yes, you can do that. And here's how, and here's kind of the path. And it's by adopting this type of approach that really allows that. And then that gets back into the organization level, right?
Where it's, if you're less prone to attacks, well, then you don't have to pay for ransomware. And so that helps from the organization outcome, but then it also just allows people to operate and move faster. It allows hiring teams to hire more global talent because they're not limited by that. It allows other teams to adopt more technologies because they're not limited to an on prem kind of legacy identity structure that they now have to work within the confines of.
So it allows the organization to adopt and be more. It allows them to evolve faster within the times, right? When you think about the technology and security that you need in order to operate. So those are really a lot of the outcomes that we see across our customers.
[00:32:41] Sean Martin: I love it. And as a, my brain always looks at everything like a program.
I, I can just picture. An environment where I can see this is how everything kind of should play out. These are the systems and the applications and the users and the devices. And I'm going to, I'm going to orchestrate everything right here based on the scenarios that I want to enable. So the business can succeed on scripts.
Let's just get it done and go exactly. And then, so the experience for the, the administrators and the managers of this stuff becomes more consistent, I think, and maybe a little straightforward, but then the experience for the end user clearly is less of a jumbled mess.
[00:33:24] Chase Doelling: It is. And I'd say one other side benefit that we hear a lot is it actually allows teams to.
Not need, let's see how do I structure this, um, as senior people, right, or resources or other pieces, because it's more simple, right? So you don't have to worry about this max of complexity and say, okay, great, I need, you know, this senior admin to come in and help me. It's actually because we've able to simplify, but then also unify a lot of those different pieces.
It allows teams to Operate in terms of which that they wouldn't have thought about in terms of scale, right? And so in some cases it actually reduces kind of needed head count from that. So that's another kind of additional cross round, but just allows, you know, I would say the IT security teams have always been underfunded and underappreciated since ever, right?
And so this is truly allows them to do more with less across different levels and different types of technologies, um, while also training and kind of understanding across the same platform. So we're all able to level up. And it's super simple, but there's also, you don't have to worry about, okay, this one person has this one expertise in managing Apple.
This one person has one expertise in kind of worrying about our AD environment, or you are able to cross train a little bit faster and level up that entire team. So from an HR and career building perspective, that also is another motivator that we've seen.
[00:34:44] Sean Martin: Nice one. Nice one. Well, Chase, it's been, uh, Been great chatting with you.
I think I could start a whole new line of questions and we can probably go another half hour, 45 minutes. I think, I think we'll leave it here for, for folks. Um, I'm going to ask you this final question as a, as a closing comment from you. If, um, if there's one thing organizations cybersecurity with identity at the core of it.
What would you recommend?
[00:35:15] Chase Doelling: I always leave the tough ones for last. That is a good one. Um, and I think, you know, I, and I don't want to give like the consulting, it depends answer. Uh, I would come back to my original comment where I think if you really want to approach this in a new way, it is much more around kind of the thought process and the curiosity and understanding.
I know I'm a believer, right? And I know that identity exists at the core of a lot of these different elements. Um, but I think other people might not realize it because there's other competing priorities, right? And say, Hey, how does this, you know, I'm more worried about my infrastructure on this type of stack, or I'm more worried about revenue and marketing numbers, or I'm more worried about all these other different components when you think about that.
But when you start to dissect it and have a little bit more of a curious mindset and approach into that, You automatically come back to, well, it's, it's been there the whole time, right? It's been there for all of us. It's, it's how we log in. It's how we do these types of things. And so I think it's just questioning that and be like, well, have I been not complacent, but have I been taking, um, you know, taking that for advantage?
Like, have I underestimated its value? And I think that's really what has gotten a lot of organizations in trouble when you especially think about ransomware and other elements is it's, It kind of took it for granted. Like, we didn't update the settings and it's even the same as, you know, when you buy a new router for your house, you didn't change the password.
Like, you didn't really think that there was that motion. And so I think for organizations, if you're able to flip that script and really just, you know, spend 20 minutes saying, great, if something like this that has happened and it's identity driven, what could truly happen, it's really eye opening in terms of now you can start to think about that scope.
And then it gets you into that mode of. Okay, well now what? How can I secure that? What does this lead into? What does that lead into? Um, and what we find a lot of really smart organizations and smart CISOs will start within that notion of then backtracking from there. Great, how do I have, you know, I'd say the most, uh, the best outcome path.
For anyone across the organization, and it comes back to identity. So if you're able to secure it from that level, everything else starts to fall into place and your whole security and IT operations team becomes much more streamlined.
[00:37:36] Sean Martin: That was perfect. The hard question last, he answered it. He answered it beautifully.
I think, uh, the very first thing, obviously, is understanding. Is there something better here? Can I make some improvements in it? And clearly if you can make improvements here in the program, improve the efficiency of the larger program, you can apply resources to other things that, uh, you may have been challenged with as well.
So, it's been fantastic chatting with you. I hope, uh, folks learned a bit here and, uh, certainly get them to think a bit. And if they, if they need some advice on, on how to, uh, get started. Get that journey going. Do that initial analysis and take some first steps to make things better. I would encourage them to chat with you.
I enjoyed this conversation, so I imagine they would as well if they reach out to you.
[00:38:29] Chase Doelling: Yeah, perfect. Likewise. Thank you so much. An amazing set of questions. It was fun to dive into all these different nuances and elements as you start to think coming into the fold. So thank you so much for having me. I really appreciate it.
[00:38:39] Sean Martin: My pleasure. And, uh, I don't know, maybe we can nerd out on some sector specific stuff at some point. I'm thinking ICS and OT and all these fun different things that who knows what kind of fun goes on in there.
But anyway, Chase, thank you. Thank you to, uh, JumpCloud team for sharing your brand story with us and our listeners.
And, uh, please do, uh, connect with Chase and the JumpCloud team. And, uh, we'll see you on the next one. Thanks everybody.