JumpCloud operates a private PKI to manage digital certificates for two-way TLS authentication and encryption between our servers and each agent. Each agent has its own unique private key generated at install time; the corresponding certificate is signed by JumpCloud’s private CA, and we associate that key with our servers by storing its public key in our database.
The JumpCloud agent does not listen on any port for traffic initiated from outside the localhost, and thus provides no attack surface for a remote attacker. All communications between the JumpCloud agent and the JumpCloud SaaS infrastructure are initiated outbound from the agent.
All servers in JumpCloud’s infrastructure are accessible only via VPN and do not allow any direct SSH connections to them. All ingress ports, whether on internal or external interfaces, are protected by a firewall, which is configured automatically by JumpCloud’s automated system configuration infrastructure.
JumpCloud’s private PKI is also leveraged to create and manage all our VPN keys, so all VPN and agent access can be easily revoked at any time. VPN server access is limited to key employees with a verified and documented business need, and requires both a private key and a password to be accessed.
JumpCloud’s production infrastructure is distributed across multiple public clouds. All users are access-controlled using multi-factor authentication. The production accounts use strict IAM roles and only key employees with a verified business need receive administrative access.
All database disk volumes utilize data-at-rest encryption to prevent data access by unauthorized parties.
JumpCloud utilizes its own product to assist in monitoring its environment, providing strong controls over user access to each server (beyond the required VPN access), monitoring all user logins and privileged commands, and alerting on any anomalies. JumpCloud (the product) is also used to ensure that all our servers remain fully patched.
Further, all log files are written to central log hosts, which are monitored using OSSEC to catch any anomalous issues. This helps prevent log tampering during the compromise of any edge host and ensures that logged security issues do not go unnoticed.
Finally, JumpCloud uses OSSEC to alert on changes to critical configuration files and installed software.
JumpCloud leverages a third-party assessor to perform monthly vulnerability scans against its environment, and integrates those results into its development workflow based on priority.
Code audits and penetration testing by a qualified third-party assessor are executed three times per year.
All employees undergo mandatory security awareness training as well as 7-year criminal and employment background checks prior to employment.
JumpCloud leverages DevOps best practices to ensure that our entire environment can be rebuilt from the ground up in less than an hour. Particular parts of the environment vary in recovery time from a matter of seconds up to a few minutes, depending upon their size and number of dependencies.