 Hey, everyone. Welcome to this CUBE conversation. That's part of the AWS Startup Showcase Season 2, Episode 4. I'm your host, Lisa Martin. Chase Dolling joins me, the principal strategist at JumpCloud. Chase, welcome to the CUBE. It's great to have you. Perfect. Well, thank you so much, Lisa. I really appreciate the opportunity to come and hang out. Let's talk about JumpCloud. First of all, I love the name. This is an open directory platform. Talk to the audience about what the platform is, obviously the evolution of the domain controller, but give us that backstory. Yeah, absolutely. So, company was started, and I think from serial entrepreneurs and after the last exit, taking a look around and saying, why is this piece of hardware still the dominant force when you're thinking about identities, especially when the world is moving to Cloud and all the different pieces that have been around it? So, over the years, we've evolved JumpCloud into an open directory platform. What that is is we're managing your identities, the devices that are associated to that, all the access points that employees need just to get their job done. And the best part is is we're able to do that no matter where they are within the world. It seems like kind of a reinvention of how modern IT teams are getting work done, especially in these days of remote work. Talk to me a little bit about the last couple of years, particularly as remote work exploded, and here we are still probably permanently in that situation. Yeah, absolutely. And I think it's probably gonna be one of those situations where we stick with it for quite a while. We had a very abrupt force, right? Making sure that essentially every IT and security team could grapple with the fact of their users are no longer coming into the office. How do we VPN into all of our different resources? Those are very common and unfortunate pain points that we've had over the last couple of years. And so now people are starting to kind of get into the motion of it, working from home, having background in setups and other pieces. But one of the main areas of concern, especially as you're thinking about that is how does it relate to my security infrastructure or kind of my approach to my organization and making sure that too, on the tail end, that a user's access and making sure that they can get into everything that they need to do in order to get work done is still happening. And so what we've done is we've really taken, evolving and kind of really kind of ripping apart this notion of what a directory was. Because originally it was just like, great, almost like a phone directory. It's where people lived, they're going into all those different pieces, but it wasn't set up for the modern world and kind of how we're approaching it and how organizations now are started with a credit card and have all of their infrastructure and essentially all of their IP is now hosted somewhere else. And so we wanted to take a different approach where we're thinking about not only managing that identity, but taking an open approach. So matter where the identity is coming from, we can integrate that into the platform, but then we're also managing and securing those devices, which is often the most important piece that we have sitting right in front of us in order to get into that. But then also that final question of when you're accessing networks applications, can you create the conditions for trust? So if you're looking at zero trust or kind of going after different levels of compliance, ISO, SOC2, whatever that might be, making sure that you have all that put in place no matter where your employees are. So that way, as we kind of moved into this remote, now hybrid world, it wasn't the office as the gating point anymore. So key cards, as much as we love them, they're falling apart. Whereas the new perimeter, kind of the new barrier for organizations, especially how they're thinking about security, is the people's identities behind that. And so that's the approach that we really wanted to take as we continue to evolve and really open up what a directory platform can do. Yeah, zero trust security, remote work, two things that have exploded in the last couple of years. But as employees, we expected to be able to still have the access that we needed to app to the network, to wifi, et cetera. And of course on the security side, we saw massive changes in the threat landscape that really obviously security elevates to a board level conversation. So I imagine zero trust security, remote work, probably compliance you mentioned, talk to are some of the key use cases that you're helping organizations with? Those are a lot of the drivers. And what we do is we're able to combine a lot of different aspects that you need for each one of those, right? And so now you're thinking about, essentially the use case of someone joins the organization, they need access to all these different things. But behind the scenes, it's a combination of identity access management, device management, applications, networks, everything else, and creating those conditions for them to do their roles. But the other piece of that is you also don't want to be overly cumbersome. I think a lot of us think about security as like, great biometrics, I'm going to add in these keys, I'm going to do everything else to kind of get into these secure resources. But the reality of it now is those secure resources might be AWS infrastructure, it might be other Salesforce reporting tools, it might be other pieces or kind of IP within the organization. And those are now your crown jewels. And so if you're not thinking about the identities behind them and the security that you have in order to facilitate that transaction, it becomes a board level conversation very quickly. But you want to do it in a way that people can move forward with their lives and they're not spending a ton of time, battling the systems and procedures we put in place to protect it, but that it's working together seamlessly. And so that's where kind of this notion for us of bringing all these different technologies into one platform, you're able to consolidate a lot of those and remove a lot of the friction while maintaining the visibility and answering the question of who has access to what and when did they do that? Those are the most critical pieces that IT and security teams are asking themselves when something happens, right? And hopefully on the preventative side and not so much on the redacted side. So has it, have you seen the escalation up the C-suite change of the board in terms of really focusing on how do we do identity management? How do we do single sign-on? How do we do device management and network access? Is that all the way up to the C-suite board level as well? It certainly can be. And we've seen it in a lot of different conversations because now you are thinking about all different portions of the organization, but and then too, kind of, as we're thinking about times we're currently in, there's also a cost associated to that. And so when you start to consolidate all of those technologies into one area, now it becomes much more total cost optimization types of story while you're still maintaining a lot of the security and basic blocking and tackling that you need for most organizations. So everything you just mentioned, like those are now table stakes for a lot of small, medium startups to be at the table. So how do you have access to enterprise level, essentially technology, without the cost that's associated to it? And that's a lot of the trade-offs that organizations are facing and kind of having those types of conversations as it relates to business preparedness and how we're making sure that we are putting our best foot forward and we're able to be resilient in no matter what type of either economic or security threat that the organization might be looking at. So let's talk about the go-to market, the strategy from a sales and marketing perspective. Where are the customer conversations happening? Are they at the IT level? Are they higher up the stack? It's really at, I'd say the IT level. And so by that, I mean kind of the builders, the implementers, everyone that's responsible for kind of putting devices in people's hands and making sure that they can do their job effectively. And so those are, I'd say that, IT admins the world as well as the managed service providers who support those organizations, making sure that we can enable them to making sure that their organizations or kind of their client organizations have all the tools at their disposal to make sure that they have the security of the policies and the technology behind them to enable all those different practices. So talk about, let's unpack the benefits from an IT perspective. Obviously they're getting one console that they can manage it all. One use your identity for email and devices and apps and things. In terms of, you mentioned regardless of location, but this is also regardless of operating system, correct? That's correct. And so part of taking an open approach is also kind of the devices that you're running on. And so we take a cross-OS approach. So Mac, Windows, Linux, iPhone, whatever it might be, we can make sure that that device is secure. And so it does a couple of different things. So one is the employees have device choice, right? So I'm a Mac person coming in, if I force into a Windows, it'd be an interesting experience. But then also two from the backend, now you have essentially one platform to manage your entire fleet and also give visibility and data behind what's happening behind those. And then from the end user perspective as well, everything's tied together. And so instead of having, what we'll call kind of user identity schizophrenia, it might be one employee, but hundreds of different identities and logins just to get their work done. We can now centralize that into one person, making sure you have one password to get into your device, to get into the network, to get into your single sign on. We also have push MFA associated with that. So you can actually create the conditions for your most secured access or you understand and say, Hey, I'm actually in the office, right? I'm going to be a hybrid employee. Maybe I can actually relax some of those security concerns I might have for people outside of the network. And all we do is making sure that we give all that optionality to our IT admins, managed service providers of the world to enable that type of work for their employees to happen. So they have the ability to toggle that as critically important in this day and age of the hybrid work model that's probably here to stay. It is, yeah. And it's something that organizations change, right? Our own organizations, they grow, they change different new threats might emerge or same old existing threats continue to come back. And we need to just have better processes and automations put within that. And it's when you start to consolidate all of those technologies, not only are you thinking about the visibility behind that, but then you're automating a lot of those different pieces that are already tightly coupled together. And that actually is truly powerful for a lot of the IT admins of the world because that's where they spend a lot of time and they're able to spend more time helping users tackling big projects instead of run rate security and blocking and tackling that should be enabled from the organization from the get go. You mentioned automation and I think that there's got to be a TCO reduction aspect here with respect to security and IT practices. Can you talk about that a little bit? Yeah, absolutely. So I guess let's think about the opposite of that. Let's say we have a laundry list of technology that we need to go out and source. One is great where the identity is so we have an identity provider. Now we need to make sure that we have application access. So that might look like single sign-on. Now we need to make sure, oh, you are who you are, no matter where you are in the world. Well, now we need multi-factor authentication and that might involve either push button or biometrics. And then great, the devices in front of us, that's a huge component making sure that I can understand not only who's on the device, but that the device is secure, that there's certificates there, that there's policies that ensure the proper use of that wherever it might be, right? Especially as if I'm an employee, either used to be kind of on the jet center going between flying anywhere you need. Now it's kind of cross-country, cross-domain, all those different areas. And when you start to have that, it really unlocks essentially IT sprawl, right? You have a lot of different pieces, a lot of different contracts trying to figure out one technology works with the other, it might not and now you're creating workarounds for all these different pieces. So the opposite of that is essentially let's take all those technologies and consolidate that into one platform. So not only is it cheaper essentially looking after that and understanding all the different technologies, but now it's all the other soft costs around it that many people don't think about. It's all the other automations. It's all the workarounds that you didn't have to do in the first place. It's all the other pieces that you'd spend a lot of time trying to wire it together into the hopes of that it creates some security model. But then again, you lose a lot of the visibility. So you might have an incident happen over here or a trigger or alert, but it's not tied to the rest of the stack. And so now you're spending a lot of time especially either trying to understand in the worst timing is if you have an incident and you're trying to understand what's happening unraveling all of that as it happens becomes impossible especially if it's not consolidated with one platform. So there's not only kind of the hard cost aspect of bringing all that together but also the soft costs of thinking about how your business can perform or at least optimize for a lot of those different standard processes including onboarding, offboarding and everything else in between. Yeah, on the soft cost side, I can imagine I can see huge benefits for HR, onboarding, offboarding. I can see benefits for the employee experience period which directly relates to the customer experience. So in terms of the business impact that JumpCloud can make it seems to be pretty horizontal across any type of organization. It is and especially as you mentioned kind of HR because when you think about where does the origin of someone's identity start? Well, typically it starts with a resume and that might be an applicant tracking software and now we're gonna get hired so we're gonna move into HR because well, everyone likes payroll and we need that in our lives, right? But now we get into the second phase of great now I've joined the organization and now I need access to all of these different pieces but when you look at it essentially horizontally from HR all the way into the employee experience and their whole lifecycle within the organization now you're touching multiple different teams and that's one of the other, you know I'd say benefits of that is now you're actually bringing in HR and IT and security and everyone else that might be related within these kind of larger use cases of making work happen all coming under and when they're tightly integrated it's also a lot more secure, right? So you're not passing notes along you're not having a checklist of other stuff especially when it relates to something as important as someone's identity which is more often than not the most common attack vector for people to go after because they know it's the keys to the kingdom there's gonna be a lot of different attempts maybe malware and other pieces but a lot of it comes back into can I impersonate or become the person that I want within the organization because it's the identity allows you to access all those different pieces and so if it's coming from a disjointed process or something that's not as tightly as it could be that's where it really opens up a lot of different vectors that organizations don't think about. Right and those vectors are only growing and multiplying as we know and here to stay when you're in customer conversations what do you describe as maybe the top three differentiators of JumpCloud compared to the competition? Well I think a lot of it is we take an open approach and so by that I mean it's when we're not locking into I'd say different vendors or other areas we're really looking into making sure that we can work within your environment as it stands today or where you want to migrate in the future and so this could be a combination of on-prem resources, cloud resources or nothing if you're starting a company from today and the second is again coming back into how we're looking at devices we take a cross-OS approach so that way no matter what you're operating on it all comes back from the same dashboard but then finally we leverage a ton of different protocols to make sure it works with everything within your current technology stack as well as it continues to elevate and evolve over time so it could be LDAP and RADIUS and SAML and SCIM and OpenID Connect and OpenAPIs and whatever that might be we're able to tie in all those different pieces so now all of a sudden it's not just one platform but you have your whole business tied into as that gives you some flexibility to evolve because even during the pandemic and the shift for remote there's a lot of technology choices that shifted a lot of people like, okay now's the time to go to the cloud there might be other events like that organizations change there's other things that might happen so creating that flexibility for organizations to move and make those calls is essentially how we're differentiating ourselves we're not locking into this walled garden of technology that's just our own we really want to make sure that we can operate and be that glue so that way no matter what you're trying to do and making sure that your work is being done we can help facilitate that. Nice no matter what happens because boy at this day anything's possible one more question for you about your AWS partnership talk to me a little bit about that. Yeah absolutely so we are preferred ADP our identity provider and SSO provider for AWS and so now re-branded under their identity center but it's crucial for a lot of our organizations and joint customers because again when you think about a lot of organization IP and how they operate as a business is tied into AWS and so really understanding who has the right level of access who should be in there or not and when to you should challenge and making sure that actually there's something fishy there like let's make sure that they're not just traveling to Europe on a sabbatical and it's really who they are instead of a threat actor those are some of the pieces when we're thinking about creating that authentication but then also the right authorization into those AWS resources and so that's actually something that we've been very close to especially I'd say the origins of the company because a lot of startups that's where they go that's where they begin their journey and so we meet them where they are and making sure that we're protecting not only everything else within their organization but also what they're trying to get into which is typically AWS. Meeting customers where they are it's all about that. Chase thank you so much for joining me on the program talking about JumpCloud it's open directory platform the benefits, the capabilities what's in it for IT, HR, security, et cetera we appreciate all of your insights and time where do you want to point folks to go to learn more? Absolutely well thank you so much for having us and I'd say if you're curious about any and all these different technologies the best part is everything I talked about is free up to 10 users, 10 devices so just go to jumpcloud.com you can create an organization and it's great for startups people at home any size company that you're at we can help support all of those different facets in bringing in those different types of technologies all into one roof. Awesome Chase thank you so much this is awesome stuff go to jumpcloud.com for Chase Dolling, I'm Lisa Martin we want to thank you so much for giving us some of your time in watching this CUBE conversation.