At JumpCloud, we are constantly investing in and developing our Linux infrastructure and capabilities for our customers. We want to give admins the flexibility to manage and control Linux devices on the same platform as any other OS (i.e., Mac, Windows, iOS, and Android) so they can continue to use the speed, stability, and security of Linux-based systems wherever they need them.
Since the beginning of 2022, we planned to increase the velocity and focus of our Linux capabilities. Key areas of focus for Linux included:
Enable Remote Security Management
Improve and Strengthen Security Posture
Provide Simple & Scalable Patch Policies
Introduce New Popular Linux Distros
Just take a look at what our customers have been leveraging this year.
Security Commands
JumpCloud Commands let you quickly and easily automate tasks across multiple servers, launch those tasks based on a number of different types of events, and get full auditing of all command results. To that end, we added more security commands that let admins remotely execute management actions on Linux devices, such as:
Lock
Restart
Shutdown
Erase
Screensaver/inactivity lock after a configurable timeout period
New Linux Policies
We added new Linux policies to help organizations manage and secure their deployed Linux endpoints more efficiently while improving their overall security posture. They include:
Partition Options
File Ownership and Permissions
Network Parameters
Disable Unused Filesystems
Additional Process Hardening
Configure RSyslog
Forbidden Services
Secure Boot Settings
Service Clients
SSH Root Access
SSH Server Security
Patch Management
JumpCloud Patch Management was launched in Q1 2022 with initial support for Windows and iOS. Our Linux (Ubuntu) support was a fast-follow in April. The Ubuntu default policies are preconfigured with conservative defaults for the following settings:
Defer Rollup/Patch Updates: the number of days to hold back a minor OS update after it is released. Set Deferral Days to the delay you want.
Defer Major Updates to Ubuntu LTS versions only: the number of days to hold back a major LTS OS update after it is released, controlled by the same Deferral Days setting.
Expanded Linux Agent Support
JumpCloud continues to build out support across Linux-based systems to give IT administrators the flexibility to manage all of their deployed devices. The JumpCloud agent can be deployed to a growing list of distributions to secure, manage, and view these systems in the admin portal. Our supported Linux distros include:
Amazon Linux and Amazon Linux 2
CentOS
Debian
Fedora
Mint
Rocky Linux
Ubuntu
RHEL and more
What’s Next?
Exciting new capabilities are already in the pipeline for Linux. Perhaps a sneak peek is allowed as we bring good cheers to the new year. Linux support is coming to JumpCloud Remote Assist! Admins will be able to remotely access (view and control) a Linux laptop or desktop to help troubleshoot and resolve issues.
If you have not tried any of our Linux capabilities, sign up for a free account for up to 10 users and 10 devices. Support is available 24×7 within the first 10 days of your account’s creation!
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About JumpCloud At JumpCloud, our mission is to build a world-class cloud directory. Not just the evolution of Active Directory to the cloud, but a reinvention of how modern IT teams get work done. The JumpCloud Directory Platform is a directory for your users, their IT resources, your fleet of devices, and the secure connections between them with full control, security, and visibility.
The information comes from a 2021 AdvisorSmith survey of 1,122 small business owners and managers. Yet, a whopping 61% of them aren’t concerned about falling victim to cyberattacks. They think they’re “too small to be a target.”
Bad actors target small businesses and small-to-medium-sized enterprises (SMEs) just as frequently (if not more so) than established organizations. Websites get hacked, email accounts get compromised, and sometimes, employees even steal sensitive information.
While it’s understandable for budget-conscious SMEs to put cybersecurity measures on the back burner, it just isn’t worth the risk. Especially when there are simple actions organizations of all sizes can take to improve their security tenfold.
Before we dive into our top five cybersecurity tips for SMEs, let’s take a moment to better understand what factors might make your organization an easy target.
Why SMEs Are Easy Targets for Cybercrime
As previously mentioned, many folks assume adversaries solely target enterprise companies because they offer larger ransom and extortion payouts.
What they don’t realize is that SMEs are often targeted by chance, not by choice. Cybercriminals may impersonally wade through lists including hundreds of business names without doing much research into organizational holdings.
With that said, SMEs and enterprise-level companies alike are often chosen for the following reasons:
1. Money
Most cybercriminals carry out attacks for financial gain. Naturally, receiving direct payments from victims is the most efficient way to profit from an attack: they usually lock down assets before demanding a ransom to unlock them.
Intellectual property (IP) is a highly motivating asset to steal. Criminals know that an SME will pay big to get it back, since leaked IP can bring a small business to its knees. Some attackers also sell stolen assets, data, and information on the black market for profit.
2. Company Damage
Alternatively, some attacks are politically, competitively, or ideologically motivated. Though it may sound like the plot of a thriller movie, disgruntled former partners, business rivals, and unhappy employees have all been known to hijack organizational systems.
A successful cyberattack can cause major damage. It can wipe data, cause downtime, or even drive a total business shutdown. In addition to depleting the bottom line, it can ruin consumer trust. Breached SMEs also risk compliance ramifications, especially if the breach affected consumers and other third parties.
3. Access to Resources
Cyberattacks can also be aimed at leveraging the company’s resources and relationships. For example, cybercriminals may target your business as part of a larger DDoS attack, to steal customers’ personally identifiable information (PII) for financial fraud, or just to hijack your computer resources for crypto mining.
4. Testing Tactics
Software engineers aren’t the only ones who run tests! Cybercriminals sometimes experiment with new tactics and attack vectors on smaller businesses before targeting the big fish in the pond.
SMEs are an easy target in such cases because the criminals expect their defenses to be weak. Don’t allow your organization to be someone’s stepping stone to a more high-impact target.
5. Becoming a Casualty in a Supply Chain Attack
Finally, SMEs are sometimes victims of circumstances. An attack may target a large vendor’s asset and infect the entire supply chain, spreading out to customers, other third parties, and even SMEs that interact with the compromised assets or parties.
These collateral attacks may still end up crippling businesses. There are many other reasons why SMEs make easy targets for criminals, but the bottom line is that SMEs' resource limitations make them both attractive and impactful targets.
Whether you’re the target of an intentional attack or a victim of an unintentional attack, the implications of a security breach can be dire.
It’s better to take a proactive approach to cybersecurity than deal with potential financial, legal, and reputational challenges down the line. Below are five simple measures that can help you to improve your business’s cybersecurity even on a budget:
1. Implement Multi-Factor Authentication
Compromised credentials such as stolen or reused passwords are involved in 61% of data breaches. Implementing multi-factor authentication is the single most effective control against that class of attack.
Multi-factor authentication (MFA) is a security method for protecting access to online resources by requiring multiple (often two) factors to verify a user's identity. Besides a password, MFA demands an additional proof of identity: a hardware security key, biometric data, a one-time passcode (OTP) delivered by email or SMS, or a push notification from a supported smartphone or tablet app. Not all factors are equal: SMS and email OTPs can be intercepted or phished, while FIDO2/WebAuthn security keys are phishing-resistant, so prefer the stronger factors for admin and remote-access accounts wherever you can.
Implementing MFA has many benefits, including protecting your resources even if a password has been compromised.
2. Run Antivirus and Keep Systems Patched
Antivirus software is good at stopping known malware. But it only works if admins keep systems up to date, which is why it's important to stay on top of patch management. Your computers, servers, and operating systems should always be patched.
System patch management is critical because patches fix bugs and close security vulnerabilities in operating systems and applications. For the modern business with a distributed workforce and a variety of work devices and operating systems, manual patching is a headache. Consider cloud patch management solutions within unified toolkits like the JumpCloud Directory Platform.
3. Put a Firewall in Front of Your Network
A firewall is a security system that filters network traffic and prevents unauthorized access to your network. Besides blocking unwanted traffic, a firewall reduces your systems' exposure to malicious software and prevents unauthorized access to sensitive company data. It is an invaluable tool for controlling which traffic reaches your services.
With a dependable firewall in place, only the sources and IP addresses your policy permits can reach your systems; the default should be to deny anything not explicitly allowed. Firewalls differ by structure, functionality, and traffic-filtering method. Some of the most common firewalls include:
Firewalls are a crucial component of any perimeter-based defense. For your network and devices to be protected, you need to properly set up and maintain your firewall, review the rule set periodically, and keep its software or firmware up to date.
4. Enforce Strong Password Policies
All your cybersecurity efforts can go to waste if you have ineffective password policies. Emphasize long, unique passwords that are difficult to crack (a password manager helps), tell employees never to share them, and require a change whenever a password may have been exposed; current guidance (NIST SP 800-63B) no longer recommends forcing periodic rotation, which tends to produce weaker, predictable passwords. Implement multi-factor authentication as discussed above.
5. Apply the Principle of Least Privilege
People within your organization can pose significant security risks too. Insider threats happen when people with access and privileges abuse them, or when their accounts are taken over. This is why it's crucial to carefully consider who needs access to what.
Implementing the principle of least privilege, granting each user only the access their role requires, limits the damage an insider or a hijacked account can do. It also makes compliance easier to monitor, and employees find the resources they need faster instead of sifting through everything.
For SMEs with lean budgets, cybersecurity can feel unattainable. But you can't afford to skip security entirely.
The five simple, cost-effective actions outlined above can significantly improve cybersecurity without breaking the bank. There are also affordable tools such as JumpCloud, with a la carte options, that can help SMEs streamline security efforts in a centralized platform.
“The house of every one is to him as his Castle and Fortress as well for defense against injury and violence…”— Sir Edward Coke, English judge and jurist.
Coke uttered the famous words across the pond more than 400 years ago. For centuries, the legal precedent has underpinned the right to freedom from intrusion.
One can only imagine what Coke would think about today’s ongoing privacy debate between consumers, big tech, and legal systems.
No longer are homes the only places we store personal information. Today’s companies have multiple options (and incentives) for collecting, storing, and sharing data.
As the IT admin of a small-to-medium-sized enterprise (SME), what do these developments mean for you? And what are the essential things you need to know about data privacy laws?
Keep reading to learn more about data security versus data protection, the history of data privacy laws, and the most relevant laws in the U.S. and Europe. In addition, we’ll share our best tips on how to strengthen your compliance efforts.
Data Privacy Laws and Why They Exist
The topic of data privacy entered the world stage in 2018, when the Facebook-Cambridge Analytica scandal flashed across news headlines around the world. The New York Times reported that the company had harvested the Facebook profiles of 50 million users, without their permission, for political targeting.
Shortly after, several high-profile data breaches further emphasized the need for stronger data privacy and security regulation. Google disclosed a Google+ API bug that could have given up to 438 external apps access to the profile data of some 500,000 users, including names, emails, addresses, occupations, genders, and ages. The result?
Lawmakers and regulators worldwide are now taking data privacy seriously. Several laws and regulations have popped up in recent years to protect people’s privacy. The most notable and expansive of these are the General Data Protection Regulation (GDPR) in the European Union and the California Consumer Privacy Act (CCPA) in the United States. We’ll dive into these regulations in a moment, but first, let’s define data privacy laws.
What Are Data Privacy Laws?
Data privacy laws are mandates that govern how organizations can collect, use, and share personal information. The laws exist to protect individuals from having their personal data mishandled or misused.
In addition, data privacy laws set standards for how organizations must handle and secure data and give data subjects rights over their information. This often includes the right to know and permit what information is collected, the right to have it erased, and the right to object to its use.
The specifics of data privacy laws vary from country to country. But they all aim to achieve the same goal: to protect people’s information from falling into the wrong hands.
Benefits of Data Privacy Laws
The benefits of data privacy laws for individual data subjects are self-evident. However, they may seem somewhat burdensome for corporations.
After all, complying with data privacy laws requires significant time, resources, and money investments. But make no mistake, adhering to data privacy laws is not only the right thing to do, but it’s also good for business.
1. Enhance Consumer Trust (and Credibility)
In a world where data breaches are becoming increasingly common, customers want to work with companies they can trust.
In fact, 71% of respondents in a 2020 McKinsey survey stated they would take their business elsewhere if a company released sensitive information without permission. Complying with data privacy regulations sends a strong signal to stakeholders that you take privacy seriously and do everything you can to protect their data.
2. Level the Playing Field
Submitting all companies to the same standards means the differentiating factor would be products and service quality, not who has the most lenient data privacy practices. This is particularly important for SMEs that lack the resources of larger corporations and would be at a competitive disadvantage if there were no data privacy regulations.
Understanding Data Sovereignty
As noted earlier, different countries have different nuances on data privacy laws, making the discussion on data sovereignty ever-important.
Data sovereignty is the concept that data should be stored and managed in compliance with the laws of its country of origin. This is especially critical for companies that operate in multiple countries, as they need to ensure that their data complies with the laws of each country.
It also extends to the idea that organizations should store data originating from a country in the same country to avoid subjecting individuals’ privacy to a foreign government’s jurisdiction.
Data sovereignty has immense relevance in cloud storage applications as companies sometimes host servers in different countries from where the data is collected. Data sovereignty will become even more critical as the internet grows and expands.
Data Security vs. Data Protection
People often use the terms data security and data protection interchangeably without realizing they are two completely different concepts.
Data Security
Data security is the practice of restricting access to data. This includes ensuring that only certain users can obtain data and that information is not modified or destroyed without authorization.
Data security is vital for both individuals and organizations, as it helps protect information from being misused or stolen. Examples of data security strategies include encryption, firewalls, and password protection.
Organizations can use an IT toolkit like the JumpCloud Directory Platform to streamline data security compliance, oversee device management in heterogeneous environments, provision/deprovision users, and enforce password controls.
Data Protection
Data protection involves safeguarding data from loss or damage. It includes measures such as backing up data and storing it in a secure location to ensure that important data is not lost in the event that security measures fail.
For example, suppose cyberattackers seize control of an organization’s server in a ransomware attack. In that case, data protection measures ensure that the organization can still access its data.
Though relevant as the last line of defense in a wider security strategy, data protection is also handy for other reasons besides malicious attacks. For example, it helps businesses recover from data loss due to technical failures or human error.
Also, if different locations house data (e.g., on premises and in the cloud), data protection helps ensure critical systems don’t grind to a halt if one storage location goes down.
The Four Basic Data Privacy Protections
Oftentimes, implementing data privacy policies is challenging for organizations because they don’t approach it as a baseline for operations.
Instead, they treat it as an afterthought and only focus on meeting regulatory compliance when required. At JumpCloud, we've seen SMEs take a similar approach to IT security compliance measures, to their own detriment.
Organizations seeking to take a proactive approach to data privacy should have the following protective measures in place as mandated by the General Data Protection Regulation and other similar laws:
Data Collection and Sharing Rights
Your privacy approach should include letting users know what types of data you collect, how you use it, who you’ll share it with, and what purpose you’ll use it for.
It should also inform and enable them to exercise their rights over their data, such as the right to access, delete, or correct their data.
They should also have the right to deny third-party access to some or all of their data.
Opt-In (Consent)
What’s better than letting your users know what data you handle? Asking their permission for how you intend to handle it.
It's common for websites to use pre-ticked boxes that treat users as having opted in to cookies or the collection of certain information. This is neither good practice nor in line with the law: under the GDPR's consent standard, which also governs cookie consent, a pre-ticked box is not valid consent.
Require your customers to take clear and proactive action to indicate that they agree to have their data collected.
Data Minimization and Storage Limitation
Only collect and store the data that is necessary for you to fulfill your business purpose. For example, suppose you’re a business that sells products. In that case, you’ll need to store data such as the customer’s name, shipping address, and payment information.
Don’t store data such as visitor browsing history on your site or the sites they visit after leaving yours. Furthermore, limit the amount of time you keep data. For instance, you can delete customer data once they haven’t interacted with your site for a certain period, such as 12 months.
Perhaps, the most shocking cautionary tale is the double-header case of AdultFriendFinder, where a dating website got hacked twice, and very private information of users was made available on the dark web. What was already a sticky situation became even worse. It turned out that the data of former users who had deleted their accounts were still being kept and were among those leaked.
Nondiscrimination and No Data-Use Discrimination
This protection requires you not to engage in discriminatory behavior against individuals who choose to exercise their data privacy rights.
For example, you cannot charge a higher price, refuse service, or give them a lower quality service because they exercised their right to access or delete their data. Also, you can’t use collected data to profile individuals along discriminatory lines.
For instance, using data to target ads or content to individuals based on their race, ethnicity, gender, religion, disability, or other discriminating factors could violate your data subjects’ rights.
Evolution of Data Privacy
As referenced in our introduction, the notion of privacy has been around since long before the digital age. Here are some additional fun facts for the history buffs out there:
In 1890, two Americans, Samuel Warren and Louis Brandeis wrote “The Right to Privacy.” The article advocated individuals “be left alone” and not have their lives turned into public spectacles. With time, the need to protect people’s information became more apparent as the technological landscape changed.
In 1967 came an important development in the interpretation of the U.S. Constitution's Fourth Amendment, Katz v. United States, where investigators had recorded a gambler's conversations in a public telephone booth. The court held that the right to privacy extended beyond a person's house, papers, and effects to include any place where a person has a reasonable expectation of privacy, such as the telephone booth in that case.
Katz v. United States accelerated the movement toward data privacy, and in 1973 Sweden enacted the first national data privacy law.
In 1980 the Organisation for Economic Co-operation and Development (OECD) released data privacy guidelines that still form the basis for many data privacy laws around the world.
Then came the internet, which made it easier for organizations to store more information than ever. In response, the European Union (EU) passed the Data Protection Directive in 1995.
During the Wild West days of the internet, data privacy concerns took the backseat while data security rode shotgun. However, this soon changed with the rise of big data firms such as Google, Amazon, and Facebook in the 2000s.
The massive data these organizations collected, coupled with high-profile privacy scandals, made it inevitable that data privacy would come to the forefront again.
As previously mentioned, several countries have enacted data privacy laws reflecting its greater importance. Meanwhile, only time can tell what new technologies will develop and what concerns and responses to data privacy they might bring.
U.S. Data Privacy Laws
The United States does not have a single, all-encompassing data privacy law. Instead, it relies on a patchwork of federal and state laws and industry-specific regulations.
National Privacy Legislation
There are several pieces of U.S. federal legislation that deal with data privacy. Perhaps the most popular are the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), and the Children’s Online Privacy Protection Act (COPPA).
HIPAA establishes national standards to protect people’s medical information. It applies to healthcare providers, health plans, and other medical information organizations.
The GLBA requires financial organizations to safeguard sensitive information and explain their information-sharing procedures to customers. It also demands that they respect the customer’s right to opt out of any data sharing with unaffiliated parties.
COPPA protects the online privacy of children under 13 by prohibiting website operators from collecting personal information from children without parental consent.
State Privacy Legislation
Several states also have data privacy laws. For example, the Massachusetts data security regulation (201 CMR 17.00) is one of the most comprehensive state laws of its kind. It requires businesses holding Massachusetts residents' personal information to take reasonable security measures to protect it, and companies that fail to comply face penalties.
California has the California Consumer Privacy Act (CCPA), which came into effect in 2020. The act gives residents the right to know what personal information is being collected about them, the right to delete that information, and the right to opt out of its sale. The CCPA is often compared with the GDPR, but it is narrower: it is built around opting out of the sale of data rather than the GDPR's requirement for a lawful basis such as opt-in consent.
There is also the Nevada Internet Privacy Law, with similar provisions to the CCPA but limited to online and web services only.
EU Data Privacy Laws
The European Union has one of the world’s most comprehensive data privacy laws. The EU’s General Data Protection Regulation (GDPR) came into effect in 2018 and builds on the EU’s 1995 Data Protection Directive.
The GDPR requires businesses to have a lawful basis before collecting, using, or sharing personal data; consent is one such basis, and where it is relied on it must be freely given, specific, informed, and unambiguous. The regulation also gives individuals the right to know what personal data organizations hold about them, the right to have that data erased, and the right to object to its use.
The GDPR applies to the processing of EU residents' personal data whether the data is collected online or offline, and whether or not the business itself is established in the EU.
Companies that violate the GDPR can be fined up to 4% of their annual global turnover or €20 million, whichever is greater.
Data Privacy Quick Tips for SMEs
So, what can SMEs do to comply with data privacy laws? Here are some quick tips:
Get rid of dark patterns: You know how easy it is to use those complicated menus to frustrate users and discourage them from using the opt-out button. Or how easy it is to place confusing words like “Don’t Not Sell My Personal Information” beside the “I agree” checkbox. Well, don’t use them. Dark patterns are not only annoying to your user; specific instances of them could also be illegal under relevant laws.
Implement privacy by design: This means building privacy into your products and services from the ground up. It starts with understanding what personal data you are collecting and why. Do you really need it? Can you get by with an email address? Once you’ve decided what data you need, figure out how to collect it to minimize the risk of exposure. For example, if you’re managing sensitive information like health data, consider using encryption to keep this information safe both during and after collection.
Communicate changes in policy: If you change your privacy policy, communicate these changes to your users. Also, ensure you provide an option for users to opt into the new policy. It goes without saying that you should also make it easy for users to find your privacy policy on your website or app.
Data privacy is more than the internet: Remember that privacy laws also apply to offline data collection. This includes data collected through paper forms, over the phone, or in person. So, if you collect this type of information, take steps to protect this information from exposure and use it only for the purpose it was collected.
Improve IT Security Hygiene with JumpCloud
Data privacy laws are constantly evolving, and businesses must keep up to date with the latest changes. By understanding the basics of data privacy, you can ensure your organization complies with relevant laws and protects your customers’ personal information.
Did you know that instituting and enforcing IT hygiene policies helps improve your organization's data privacy, security, and protection posture? Learn how organizations can adopt data-hygienic practices, improve data privacy, and avoid breaches in The IT Manager's Guide to Data Compliance Hygiene.
Streamlined and unified authentication to all resources is a core feature of JumpCloud’s open directory platform. That capability extends to secure network access into Wi-Fi and VPNs. JumpCloud’s cloud RADIUS service now supports credential-based (password) and certificate-based (passwordless) authentication.
The combination of these authentication methods addresses the vast majority of risk levels an organization may face. Furthermore, the certificate-based authentication (CBA) approach is considered the most secure and frictionless method available today. JumpCloud’s CBA is consistent with the open directory principles, offering IT and network admins the flexibility to bring your own certificates (BYOC) as well as the future ability to manage certificates within JumpCloud.
What Is RADIUS Certificate-Based Authentication?
RADIUS certificate-based authentication (CBA) is an authentication method that uses the contents of an X.509 certificate to validate the identity of the device and the user requesting access to a network resource. In a typical Wi-Fi deployment the client PC is the supplicant: it presents its certificate through the access point (the RADIUS client, also called the NAS) to the RADIUS server, normally inside an EAP-TLS exchange. The server validates the certificate's standing (validity period and revocation status) and its trust chain against the issuing certificate authority (CA). Finally, RADIUS CBA verifies the user's status and access privileges in the JumpCloud Directory before allowing access to the RADIUS resource (typically Wi-Fi or VPN).
The Benefits of RADIUS CBA
The benefits of CBA rest on two fundamental capabilities. First, the authenticating party is positively identified with an asymmetric key pair: the user proves possession of a private key that is bound to the certificate and never transmitted, which a password cannot match. Second, the user bound to the certificate is authenticated without any input from the user (frictionless). Small and medium-sized enterprises (SMEs) can use CBA to secure and streamline user authentication flows and eliminate the potential for identity silos or duplicate systems.
Key Features of RADIUS CBA
All current cloud RADIUS features remain available with the RADIUS CBA release. The following capabilities are new in this release:
Bring your own certificates (BYOC) – The initial release of RADIUS CBA lets IT administrators import the CA certificate chain that issues their client certificates, so RADIUS can validate those certificates for authentication. Certificate lifecycle management and delivery to target endpoints is handled by tools external to JumpCloud.
Multilayer user authentication – Before allowing access, RADIUS CBA verifies the good standing of the certificate (not expired, issued by a trusted CA, not revoked); that it matches one of the three supported user certificate forms (email user identifier in the Subject Alternative Name field, email user identifier in the Distinguished Name field, or username user identifier in the Common Name field); that the mapped user is active in the JumpCloud directory; and finally that the certificate is installed on the client device that is authenticating.
Password as an alternative to certificates – RADIUS CBA lets administrators keep username/password credentials as an initial alternative to certificates, which enables a gradual migration: users authenticate with their username and password first and move to certificates as they receive them. The fallback keeps the password path open, so it should be switched off once the migration is complete.
User groups – The traditional user group association and assignment to a RADIUS AP is also available with certificates. Groups leverage JumpCloud’s attribute-based access control (ABAC) to automate identity lifecycle management.
Consolidated IT infrastructure – No additional servers, Windows Server roles, or on-premise infrastructure is required to set up and maintain cloud RADIUS CBA. This lowers IT’s administrative overhead and reduces the attack surface.
Certificate status check during authentication – BYOC supports validating the good standing of a certificate on every authentication transaction via the Online Certificate Status Protocol (OCSP), so a certificate revoked for a lost or retired device is rejected at its next connection attempt rather than remaining usable until it expires.
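The checks listed above, as an added example in Go that is not JumpCloud’s code and does not use its API: it mints an in-memory test CA and client certificates, extracts the user identifier in the three supported forms (SAN email, DN email, CN username), verifies the chain and validity window with crypto/x509, then consults constructed stand-ins for the revocation (OCSP) answer and for the directory’s user status. The directory contents, the revoked serial number and the certificate subjects are assumptions made for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"time"
)

// PKCS#9 emailAddress, the DN attribute behind "email user identifier in the Distinguished Name".
var oidEmailAddress = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 9, 1}

// Constructed stand-ins, not a real directory or OCSP responder: identifier -> user is active,
// and the serial numbers the issuer has revoked. keys is fixture bookkeeping for mint below.
var directory = map[string]bool{"alice@example.com": true, "bob@example.com": false, "carol": true}
var revokedSerials = map[string]bool{}
var keys = map[*x509.Certificate]*ecdsa.PrivateKey{}

// identifierFromCert tries the three supported forms in order: email in the SAN, email in the DN, CN.
func identifierFromCert(cert *x509.Certificate) string {
	if len(cert.EmailAddresses) > 0 {
		return cert.EmailAddresses[0]
	}
	for _, atv := range cert.Subject.Names {
		if s, ok := atv.Value.(string); ok && atv.Type.Equal(oidEmailAddress) {
			return s
		}
	}
	return cert.Subject.CommonName // an empty CN is rejected by the directory lookup in authenticate
}

// authenticate runs the layered checks in server order: chain and validity window, revocation,
// identifier mapping, then the user's status in the directory. Returns the identifier on success.
func authenticate(cert *x509.Certificate, roots *x509.CertPool, now time.Time) (string, error) {
	opts := x509.VerifyOptions{Roots: roots, CurrentTime: now, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if _, err := cert.Verify(opts); err != nil {
		return "", fmt.Errorf("chain/validity: %w", err)
	}
	if revokedSerials[cert.SerialNumber.String()] {
		return "", fmt.Errorf("certificate %s revoked", cert.SerialNumber)
	}
	id := identifierFromCert(cert)
	if active, known := directory[id]; !known || !active {
		return "", fmt.Errorf("user %q unknown or suspended", id)
	}
	return id, nil
}

// mint generates a P-256 key and issues a client-auth certificate from parent, or a self-signed
// CA when parent is nil. In-memory test fixture only, not a production PKI.
func mint(parent *x509.Certificate, serial int64, subject pkix.Name, sanEmail string, notAfter time.Time) *x509.Certificate {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: subject, NotBefore: time.Now().Add(-time.Hour),
		NotAfter: notAfter, KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if sanEmail != "" {
		t.EmailAddresses = []string{sanEmail}
	}
	parentKey := key
	if parent == nil {
		t.IsCA, t.BasicConstraintsValid, t.KeyUsage, t.ExtKeyUsage = true, true, x509.KeyUsageCertSign, nil
		parent = t
	} else {
		parentKey = keys[parent]
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, parentKey)
	cert, _ := x509.ParseCertificate(der)
	keys[cert] = key
	return cert
}

// runScenarios exercises each check once and returns the outcome per scenario.
func runScenarios() map[string]string {
	now, valid := time.Now(), time.Now().Add(12*time.Hour)
	ca := mint(nil, 1, pkix.Name{CommonName: "Example Corp Device CA"}, "", valid)
	rogue := mint(nil, 1, pkix.Name{CommonName: "Untrusted CA"}, "", valid)
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	certs := map[string]*x509.Certificate{
		"san-email-active":   mint(ca, 10, pkix.Name{CommonName: "alice-laptop"}, "alice@example.com", valid),
		"dn-email-suspended": mint(ca, 11, pkix.Name{CommonName: "bob-laptop", ExtraNames: []pkix.AttributeTypeAndValue{{Type: oidEmailAddress, Value: "bob@example.com"}}}, "", valid),
		"cn-username-active": mint(ca, 12, pkix.Name{CommonName: "carol"}, "", valid),
		"expired":            mint(ca, 13, pkix.Name{CommonName: "carol"}, "", now.Add(-time.Minute)),
		"untrusted-issuer":   mint(rogue, 14, pkix.Name{CommonName: "carol"}, "", valid),
		"revoked":            mint(ca, 15, pkix.Name{CommonName: "carol"}, "", valid),
	}
	revokedSerials["15"] = true
	out := map[string]string{}
	for name, c := range certs {
		if id, err := authenticate(c, roots, now); err != nil {
			out[name] = "REJECT: " + err.Error()
		} else {
			out[name] = "ACCEPT as " + id
		}
	}
	return out
}

func main() { fmt.Println(runScenarios()) }
```

Running it prints one outcome per scenario: the SAN-email and CN certificates are accepted as alice@example.com and carol, the DN-email certificate is rejected because bob is suspended in the directory, and the expired, untrusted-issuer and revoked certificates never reach the directory lookup. The ordering matters: a suspended user is rejected even with a perfectly valid certificate, which is the property that lets an admin cut off access by disabling the user without waiting for a revocation to propagate.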
The Benefits of RADIUS CBA/BYOC
Certificates may originate from multiple CAs. Organizations that already use and manage certificates can import them into JumpCloud and use them for authentication to JumpCloud RADIUS to secure network access. For more on the JumpCloud CBA, see Certificate-Based Authentication to RADIUS for Admins.
Examples of BYO Certs in Action
When the SME wants its users to authenticate securely and without friction, the administrator:
Selects the “passwordless” authentication method
Imports the CA certificate chain, which lets the JumpCloud RADIUS server perform EAP-TLS mutual authentication with the supplicant: the server presents its own certificate and requires the client device to present a certificate that chains to the imported CA.
The admin can also allow password authentication as a fallback method for those users who have not yet received a certificate.
When a user first connects to a Wi-Fi network configured for JumpCloud RADIUS with certificate authentication (and password as a fallback), they can select “connect using a certificate.” From then on, authentication to the Wi-Fi AP happens automatically without any further input from the user.
JumpCloud’s cloud RADIUS validates the certificate presented and checks that both the certificate and the user are in good standing before granting access to the Wi-Fi network.
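The exchange described above at the packet level, as an added example in Go that is not JumpCloud’s code: the AP (the RADIUS client) wraps the supplicant’s EAP message in an Access-Request carrying a Message-Authenticator, the server answers with an Access-Accept that assigns a VLAN, and the AP verifies the reply’s Response Authenticator and Message-Authenticator under the shared secret before opening the port. The shared secret, user name, EAP identity message and VLAN are constructed values; the EAP-TLS handshake that carries the certificate is not replayed here, only the RADIUS framing around it.

```go
package main

import (
	"crypto/hmac"
	"crypto/md5"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// RADIUS codes and the attribute types used below (RFC 2865, RFC 2868, RFC 3579).
const (
	codeAccessRequest, codeAccessAccept                                = 1, 2
	attrUserName, attrTunnelType, attrTunnelMediumType                 = 1, 64, 65
	attrEAPMessage, attrMessageAuthenticator, attrTunnelPrivateGroupID = 79, 80, 81
)

// attr encodes one Type-Length-Value; taggedInt is the RFC 2868 tag octet + 24-bit integer form.
func attr(t byte, v []byte) []byte        { return append([]byte{t, byte(2 + len(v))}, v...) }
func taggedInt(tag byte, v uint32) []byte { return []byte{tag, byte(v >> 16), byte(v >> 8), byte(v)} }

// header lays out Code, Identifier, Length and the 16-octet Authenticator ahead of the attributes.
func header(code, id byte, auth [16]byte, attrs []byte) []byte {
	p := []byte{code, id, 0, 0}
	binary.BigEndian.PutUint16(p[2:], uint16(20+len(attrs)))
	return append(append(p, auth[:]...), attrs...)
}

// findAttr walks the TLV list and returns the offset of the first attribute of type t, or -1.
func findAttr(attrs []byte, t byte) int {
	for off := 0; off+2 <= len(attrs) && attrs[off+1] >= 2 && off+int(attrs[off+1]) <= len(attrs); off += int(attrs[off+1]) {
		if attrs[off] == t {
			return off
		}
	}
	return -1
}

// messageAuthenticator is HMAC-MD5 under the shared secret over the packet with the
// Message-Authenticator value zeroed. A reply is computed with the Request Authenticator of the
// request it answers in the header (RFC 3579 section 3.2), which binds the reply to that request.
func messageAuthenticator(secret []byte, code, id byte, reqAuth [16]byte, attrs []byte) []byte {
	a := append([]byte(nil), attrs...)
	if off := findAttr(a, attrMessageAuthenticator); off >= 0 && a[off+1] == 18 {
		copy(a[off+2:off+18], make([]byte, 16))
	}
	m := hmac.New(md5.New, secret)
	m.Write(header(code, id, reqAuth, a))
	return m.Sum(nil)
}

// buildAccessRequest is the NAS side (the AP or VPN gateway is the RADIUS client): it relays the
// supplicant's EAP message under a fresh random Request Authenticator plus a Message-Authenticator,
// mandatory whenever EAP-Message is present. The server verifies it with the same function.
func buildAccessRequest(secret []byte, id byte, user string, eap []byte) ([]byte, [16]byte) {
	var reqAuth [16]byte
	rand.Read(reqAuth[:])
	attrs := append(attr(attrUserName, []byte(user)), attr(attrEAPMessage, eap)...)
	attrs = append(attrs, attr(attrMessageAuthenticator, make([]byte, 16))...)
	copy(attrs[findAttr(attrs, attrMessageAuthenticator)+2:], messageAuthenticator(secret, codeAccessRequest, id, reqAuth, attrs))
	return header(codeAccessRequest, id, reqAuth, attrs), reqAuth
}

// buildAccessAccept is the server side once the certificate and user checks passed: the VLAN
// assignment (Tunnel-Type 13 = VLAN, Tunnel-Medium-Type 6 = IEEE-802, Tunnel-Private-Group-ID),
// a Message-Authenticator, then the RFC 2865 Response Authenticator
// MD5(Code + ID + Length + RequestAuth + Attributes + Secret) written over the header field.
func buildAccessAccept(secret []byte, id byte, reqAuth [16]byte, vlan string) []byte {
	attrs := append(attr(attrTunnelType, taggedInt(1, 13)), attr(attrTunnelMediumType, taggedInt(1, 6))...)
	attrs = append(attrs, attr(attrTunnelPrivateGroupID, append([]byte{1}, vlan...))...)
	attrs = append(attrs, attr(attrMessageAuthenticator, make([]byte, 16))...)
	copy(attrs[findAttr(attrs, attrMessageAuthenticator)+2:], messageAuthenticator(secret, codeAccessAccept, id, reqAuth, attrs))
	p := header(codeAccessAccept, id, reqAuth, attrs)
	respAuth := md5.Sum(append(append([]byte(nil), p...), secret...))
	copy(p[4:20], respAuth[:])
	return p
}

// verifyResponse is the NAS check on a reply: both authenticators must verify under the shared
// secret and the remembered Request Authenticator, so a spoofed or altered Access-Accept, or one
// replayed from a different request, is dropped instead of opening the port.
func verifyResponse(secret []byte, reqAuth [16]byte, resp []byte) error {
	if len(resp) < 20 || int(binary.BigEndian.Uint16(resp[2:])) != len(resp) {
		return errors.New("malformed packet")
	}
	attrs := resp[20:]
	want := md5.Sum(append(header(resp[0], resp[1], reqAuth, attrs), secret...))
	if !hmac.Equal(want[:], resp[4:20]) {
		return errors.New("bad Response Authenticator")
	}
	off := findAttr(attrs, attrMessageAuthenticator)
	if off < 0 || attrs[off+1] != 18 || !hmac.Equal(messageAuthenticator(secret, resp[0], resp[1], reqAuth, attrs), attrs[off+2:off+18]) {
		return errors.New("missing or bad Message-Authenticator")
	}
	return nil
}

func main() {
	secret := []byte("constructed-shared-secret")                        // assumption: the NAS/server shared secret
	eapIdentity := append([]byte{2, 1, 0, 22, 1}, "alice@example.com"...) // constructed EAP-Response/Identity
	_, reqAuth := buildAccessRequest(secret, 7, "alice@example.com", eapIdentity)
	fmt.Println("genuine reply:", verifyResponse(secret, reqAuth, buildAccessAccept(secret, 7, reqAuth, "20")))
	fmt.Println("forged reply: ", verifyResponse(secret, reqAuth, buildAccessAccept([]byte("guessed-secret"), 7, reqAuth, "20")))
}
```

The genuine reply verifies; the reply forged with a guessed secret fails the Response Authenticator check, a reply altered in transit (say, the VLAN string rewritten) fails both authenticators, and a reply captured for one request cannot be replayed against another because both values are computed over that request’s Request Authenticator. This is why the shared secret between the AP and the RADIUS server needs the same care as any other credential: whoever holds it can mint Access-Accept packets.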
Try JumpCloud Cloud RADIUS
JumpCloud offers its full open directory platform without any charges for up to 10 users and devices. Free chat support is provided for 10 days to help get you started. Pricing is workflow-based to help SMEs meet their unique requirements versus feature-based SKUs. Would you prefer tailored, white-glove implementation assistance? Schedule a free 30-minute technical consultation to learn about the service offerings available to you.
Active Directory (AD) is a directory service introduced by Microsoft that runs on a Windows server to centrally manage user access to resources on the LAN. The server role in Active Directory is run by Active Directory Domain Services (AD DS), and the server running AD DS is called a domain controller. The domain controller performs two important functions:
Authenticates and authorizes all users and systems in a Windows-based network
Assigns and enforces all security policies for Windows systems
That is why Active Directory remains an important system of record for many small and medium-sized enterprises (SMEs), even though it can only run on servers inside the network it serves. However, IT infrastructure and workplace trends have changed dramatically since its introduction over two decades ago. It’s common to have a heterogeneous mix of devices with employees working remotely at least some of the time (or even indefinitely). Microsoft has responded by extending AD beyond the LAN through its cloud services, but devices and users can now be managed without AD, or Microsoft.
Identity has become the new perimeter and IT teams must look beyond standalone AD to manage identities and all corresponding devices, wherever they exist. Devices are the gateway to your IT assets and shouldn’t go unmanaged because they’re not Windows. Cloud directories are filling the gap by providing the access control, device management, portability, and security that AD cannot. This has brought forward the option for a new paradigm: the domainless enterprise.
This article examines AD’s benefits and when it’s necessary to look beyond it, whether by integrating with a cloud directory service to extend it or by moving to a domainless enterprise.
What Does Active Directory Do?
An AD domain controller (DC) manages local network elements, such as systems and users, by organizing them into a structured hierarchy. The domain controller is then responsible for authenticating users and authorizing their access requests within the network. The next section outlines its core capabilities.
Manages Devices, Services, and Users
The Active Directory Users and Computers snap-in manages the contacts, devices, and users in your fleet, from PCs to printers. Admins create and organize groups within organizational units (OUs) to logically separate resources. OUs reside within a domain, and domains are grouped into a “forest,” the highest level of organization in AD. A directory may include service accounts for network services, apps that run on your servers, and integrations with SaaS apps; service accounts can run locally on machines or across the domain. The same tool also configures permissions on objects within your directory.
Global Catalog of Domains
The global catalog is an AD feature that stores a partial, read-only replica of every object in a forest (a subset of each object’s attributes), even when the object (such as a user) resides in a separate domain. This enables organizations to centralize IT even if they have multiple locations and data centers, but users and devices must either exist within the confines of those facilities or connect over a VPN.
Querying and Indexing Directory Objects
There are two built-in options to query AD attributes. The Active Directory schema snap-in enables admins to index attributes. PowerShell is another option to specify a query string to retrieve AD objects. Many organizations purchase third-party reporting tools for compliance purposes and to gain visibility into their AD environment, but it’s vital to trust all software that’s installed on a DC. Attackers may gain entry into networks through the supply chain, and DCs hold the “keys to the kingdom.”
High Availability
Every domain controller is a server object in AD DS. High availability is automatic whenever there’s more than one DC, which makes it possible to shut down a server for maintenance without impacting your end users. Directory data is replicated multi-master between all DCs. Administration is more complex, though: add-on apps must be installed and updated on each DC, and adding servers may increase licensing, management, and server infrastructure costs.
Schemas and Templates
Admins have deep control over how AD operates. The schema can be customized to control (through rules) which objects can be stored within the directory and their related attributes. Templates can be configured to automate the creation of objects and associated policies. Admins use ADMX and ADML administrative template files, loaded into the Group Policy Editor, to expose registry-backed settings as policies. Templates may also be imported into Microsoft Endpoint Manager (Intune), a subscription cloud service.
Now, let’s explore what AD isn’t capable of doing.
What Doesn’t Active Directory Do?
The domain controller serves an important role, but the modern workplace has shifted to the cloud. Legacy management solutions like the domain controller struggle to manage the disparate, non-Windows-based identities that have become commonplace in the IT landscape. Managing identities also entails managing devices and access to SaaS apps external to the Microsoft ecosystem. The next section examines those constraints in further detail.
Single Sign-On (SSO) and Multi-factor Authentication (MFA)
The widespread shift toward web applications means that end users can no longer rely on single sign-on (SSO) through AD for all resources. Twenty years ago, when the IT landscape consisted almost entirely of Windows applications and desktops, AD connected every user to just about every resource they required. AD no longer covers that range of resources, forcing admins to adopt additional tooling to manage authentication and authorization for all of their IT assets.
Microsoft introduced an Identity-as-a-Service (IDaaS) solution with Azure Active Directory (AAD), but AAD can make identity management complex, time-consuming, and costly for IT admins by requiring them to keep on-prem AD alongside it. There’s a free tier of AAD that makes it possible to access apps such as Microsoft 365 (M365), but a Premium 1 (P1) or higher subscription is necessary for capabilities such as extending SSO to domain-bound on-prem apps (via Application Proxy) and conditional access.
Additionally, if IT professionals wanted SSO for their users without AAD, they would have to add Active Directory Federation Services (AD FS) to their on-prem AD, and that too would need to be housed on-prem. AD FS has high management overhead and can be difficult to implement. For network devices (Wi-Fi, VPN, switches), the Network Policy Server (NPS) role must be installed, configured, and managed to act as the RADIUS server. There are multiple options for SSO within the Microsoft portfolio, but extending AD for roles it wasn’t designed for dramatically increases complexity and overhead.
Multi-factor authentication (MFA) isn’t built into AD; SMEs must purchase solutions that integrate with it. Microsoft delivers MFA through AAD rather than AD, and conditional access (CA) policies require the AAD P1 or P2 SKUs.
Securing and Managing External Identities
The domain controller struggles to provide access to IT resources outside on-prem Windows networks, so cloud platforms such as AWS and GCP, and SaaS suites such as Google Workspace, can be difficult to integrate.
Third-party solutions, such as JumpCloud’s open directory, manage identities from other identity providers (IdPs) such as Google or Okta. Microsoft has introduced the capacity to manage external identities through Entra, for an additional monthly fee per user, and bills separately for MFA authentications performed by those external identities.
Strong Security Defaults
Substantial work is required to harden Active Directory through specialized configurations. It’s not secure by default, and attackers have cultivated a strong understanding of AD’s default settings. Hardening AD is mandatory to secure your infrastructure.
IT teams should always follow best practices that limit the use of Domain Admin rights: keep admin accounts separate from daily-use accounts, log on as a domain administrator only from dedicated administrative workstations, and keep membership of privileged groups to a minimum. It’s advisable to use Microsoft’s ATA (Advanced Threat Analytics) or Defender for Identity to detect anomalous user behaviors. Implementing security best practices for AD can take several full days of work.
Automation of Identity Lifecycle and Entitlements
User identity lifecycle and entitlement management is a manual process in AD. Serious and costly breaches, including the Colonial Pipeline ransomware attack, have occurred when accounts were “forgotten”; in that case a dormant VPN account that had never been disabled, and had no MFA, gave the attackers their way in. Forgotten accounts can still access assets. It’s important to actively manage users and privileges to safeguard against insider and external threats.
Integrated Reporting
Third-party tools/services are necessary for reporting, especially when your users are accessing confidential and protected information or your industry is subject to compliance or regulatory requirements.
Cross-OS Device Management
Systems must be joined to the domain to receive Group Policy Objects (GPOs): registry settings, configurations, or tasks that need to be executed. Mac and Linux systems have no GPO equivalent and cannot be managed from the Windows domain controller, so IT admins must configure each one by hand (through commands and scripts) unless they implement add-ons. Even Windows systems need line of sight to a domain controller, typically over a VPN when remote, to receive policy updates from AD or PowerShell commands, complicating your capacity to effectively manage remote users.
Microsoft’s paid Intune subscription service fills this gap, but Microsoft services aren’t mandatory. An open directory platform such as JumpCloud integrates with AD to perform this function, and can also manage devices without a domain controller being present.
Patching
Microsoft has released over 1,000 patches to date this year alone, and Patch Tuesday has become “Zero Day Tuesday.” It’s possible to deploy software using AD Group Policy, but AD doesn’t handle patching Windows systems throughout a domain (let alone third-party applications) without a separate patching solution such as WSUS or a third-party tool.
Patching services may be cloud-based, such as JumpCloud, or run on on-premise servers. Patching OSs and apps (such as browsers) is vital to close known vulnerabilities before attackers exploit them; once a vulnerability is public, unpatched systems are the easy targets.
AD DS runs on Windows Server, which must be maintained and supported. Domain controllers hold the data that determines access to the entire network, making them a primary target for attackers looking to corrupt or steal confidential information. On unpatched or misconfigured domains it’s even possible for attackers to escalate a standard domain user account to Domain Admin without custom malware: freely available tools such as BloodHound (which maps attack paths through group memberships, ACLs and logon sessions) and Mimikatz (which extracts credentials from memory) are often all that’s required.
Standard endpoint detection and response (EDR) frequently misses this activity because it uses legitimate credentials and native protocols, and firewalls won’t stop it. Given these risks, cybersecurity should be a paramount priority for all SMEs. Industry experts routinely recommend a Zero Trust posture.
Active Directory isn’t Zero Trust.
Active Directory and Zero Trust Security
Microsoft has responded to these threats by updating AD’s capabilities for better security, but the requisite setups and changes can be resource intensive or require its premium cloud services. Active Directory works best with on-prem networks and Windows-based environments. AD natively operates by establishing a network of trusted assets, known as a domain, which are protected by an AD domain controller, VPN, firewalls, and other controls.
The objective is to create a strong perimeter to protect trusted resources from the open internet. As a result, external sources of network traffic (e.g., users) must first authenticate and ultimately be authorized to access internal domain resources such as systems and applications.
Zero Trust security, on the other hand, is a security model that effectively eliminates the separation between an internal domain that’s safe and the open internet that’s dangerous. Rather, all sources of network traffic are viewed as potential attack vectors that must generate trust before they are authorized for user access — and with good reason too. Bad actors are now attacking traditional networks from inside and out, often bypassing perimeter-based security by targeting trusted assets. Thus, Zero Trust security is effective because it basically eliminates the concept of trusted assets (i.e., the domain) altogether. Users must prove who they are.
The next-generation alternative reimagines AD for the cloud era. Cloud directories connect users to their IT resources regardless of platform, provider, protocol, and location, and they also manage all your devices. Additionally, as an identity and access management (IAM) platform, cloud directories forgo the concept of the traditional domain. This provides users with True Single Sign-On™ access to virtually all of their IT resources. SMEs can leverage JumpCloud’s open directory platform to manage identities wherever they reside with the assurance that it will help to deliver Zero Trust security.
Cloud Integration with IT Resources
The cloud directory integrates with the external identities and devices that AD doesn’t support in addition to AD itself. This is made possible through the combination of modern IAM and SSO protocols, automated entitlements management, using MFA to verify users, and CA for privileged user management. You can manage your entire device fleet through JumpCloud.
Centrally Control Identities and Systems
JumpCloud can extend AD and AAD identities and agent-based control (or MDM) to all systems in a fleet, whether they’re Apple, Android, Linux, or Windows devices. Unlike Microsoft, there’s no additional cost to manage your non-Windows devices or Windows without a DC. JumpCloud can also serve as a standalone cloud directory or import identities from Google and Okta.
End users access their machines with their identity provider’s credentials, and admins can enforce pre-built GPO-like policies on those machines, such as full disk encryption or patch management. No complex templates are required. Sudo-level permissions and a PowerShell module enable administrators to run commands on any device, from CRUD operations to benchmark policies. A command queue gives admins an easy-to-use dashboard to see which commands are awaiting execution on their assigned devices and the status of each.
Other key features include:
Automatic high availability and redundancy. There’s no need to license multiple servers or to create a service account that has access to a privileged AD group.
Telemetry aggregated from devices, events, users, and cloud services with pre-built reports and reporting tools. You’ll even know which users are accessing SSO apps.
Opt-in Remote Assist, without the complexity of RDP or need to license a solution from a third party. This feature works across multiple operating systems.
An optional decentralized password manager and vault for your users.
You don’t need AD to access your network. Admins can achieve Cloud RADIUS functionality without additional on-prem infrastructure, and they can ensure users log into Wi-Fi networks (with VLAN tagging) and VPN clients using the same core credentials they use to access their other resources. Delegated authentication includes AAD credentials. Admins can enable Push or TOTP MFA, which is especially useful to secure VPN access to internal network and on-prem resources from switches to servers.
SSO to Everything
The open directory platform builds the stack that you want. A web-based portal gives employees access to all the apps they need to do their jobs with best-of-breed solutions; because users launch apps from the portal rather than from links in email, it also serves as a control that reduces phishing risk. Pre-built connectors are freely available for common apps. Supported protocols include:
LDAP
OIDC
SAML/SCIM
RADIUS
Long-standing workflows don’t have to be scrapped in favor of cloud apps. Even Windows file sharing is possible without a domain controller.
Like AD, groups are used to manage access to your apps and resources. The difference is that they are automated with HRIS provisioning included. Attribute-based access control (ABAC) reduces the risk of human error and eliminates the heavy administrative overhead that’s necessary to keep AD privileges and users up to date.
Boundaries matter less.
This setup also eliminates the need for complex server management and AD’s global catalog. For instance, specifying an office location could be as simple as creating a directory group assignment.
Integrated MFA and Conditional Access
AD is reliant upon a single factor. MFA is environment wide in the open directory platform. Optional conditional access policies can further restrict access to trusted devices, by geolocation, and more for privileged users. JumpCloud doesn’t charge for MFA for external identities; Microsoft’s AAD does. Microsoft limits CA to AAD P1, P2, and requires integrations for AD. AD doesn’t have these capabilities and must be morphed into something it’s not in order to satisfy modern requirements.
In contrast, there’s far less complexity, labor, and cost when the domain controller is left out of the equation. In addition, there’s a greater opportunity to protect identities. JumpCloud secures identities (and aligned devices) even further with extended detection and response (XDR) integrations from the security vendors of your choosing. Microsoft only makes its security services first-class citizens.
Utilizing an Open Directory Platform
Organizations have already been moving their operations to managed services in the cloud to save the cost and time of maintaining an on-prem domain controller and server rooms. The journey begins by integrating JumpCloud with AD. An open directory platform frees up time and money for IT admins looking to manage a variety of systems and applications from one built-in service. Budget can be allocated toward higher priorities, such as Zero Trust, especially during leaner economic times. JumpCloud is free for your first 10 users or devices with 10 days of chat support up front.
Sometimes self-service doesn’t get you everything you need. If that’s how you’re feeling, schedule a 30-minute consultation to discuss options for implementation assistance, migration services, custom scripting, and more.