CloudJumper Blog

Least Privileged Methodology: The Common Sense That Keeps Your Clients Secure & You Sleeping Soundly.


All of this really is common sense, yet, it also takes software built by a smart team building from the standpoint that our solution must be both simple and highly secure.

Least Privileged Methodology is the concept and practice of restricting access rights for users, accounts, systems, APIs and computing processes to only those resources absolutely required to perform routine, legitimate activities. CloudJumper embraces this best practice: we have developed Cloud Workspace Management Suite (CWMS), our SaaS app for building End User Computing (EUC) environments in the cloud to embrace this concept, giving our partners two key benefits.

1. Cost Savings. CWMS acts as a control interface for the numerous technology layers that need to be interconnected to deploy a secure, highly available EUC Environment. Without CWMS, your MSP needs a team of highly compensated technicians who each have a deep understanding of Active Directory AND Hypervisor AND RDS/Citrix/VDI environments AND the orchestration layer AND scripting AND APIs, not to mention public cloud templating… we could honestly keep going!

CWMS is a single-pane-of-glass interface that’s easy to use, so your front-line, tier I technicians can oversee your EUC environments for your End Customers without needing to understand the layers above and how they all integrate with each other. This is a huge cost savings, and a key to being able to bring a competitive and lucrative Cloud Workspace offering to market.

2. Environment Security. But, let’s stay on point and talk about EUC environment security. Because CWMS is an easy-to-use interface to manage all the technology layers of an EUC environment, your team can use it instead of relying on each team member having the knowledge of how to control numerous complex and time-consuming technologies – Active Directory, for example. With CWMS, so much less can go wrong, helping ensure a higher level of security.

CWMS also enables your team to use a least privileged methodology. It has an authority structure built into the interface so that as the primary administrator, you can be granular in how you set access levels for your individual team members. This both ensures the security of the EUC environment, and it allows you to give your front-line team the access they need to complete the vast majority of the tasks that need to be accomplished.

We call CWMS the easy button for Azure for the same reason. It is a very complex system, and it does a lot; it’s also loaded with opportunities to make mistakes that can dramatically impact the security of the EUC environment. That’s why your MSP needs an “easy button.” Becoming an Azure certified technician is both expensive and time-consuming; and even once your tech is certified, if s/he doesn’t use Azure regularly, much of that knowledge may be lost. With CWMS, you don’t need that – everything your MSP needs to support your End Customers’ EUC environments, you can do with CMWS. Even then, most of that can be done by a good summer intern!

It’s the unknown ramification of a whoops that are the scariest. Compare an SMB who employs a highly technical IT Director and a staff of three junior people. One technician – call him Ted – is currently working through an Azure certification program. Ted may be the most dangerous person in this scenario. The IT Director expects Ted to just go figure out what needs to be done. Ted isn’t there yet, and in the process, he deletes a firewall that isn’t even known for weeks. Whoops, Ted has just left the environment incredibly vulnerable. What if the SMB were a medical practice…double whoops! Let’s just hope your MSP had nothing at all to do with that deployment.

Now let’s flip that! Working with CloudJumper, you build your own Cloud Workspace® solution and bring it to market. When the medical office needs anything changed in its account, the general office secretary sends you an email, and unless it is a very complex ask, your front-line staffer connects into CWMS and makes the changes allowed by his authority level. No way any firewall will ever be in harm’s way. Oh, and just for fun, your cloud solution has saved the medical office a lot of money, and it’s providing you a great MRR, month in and month out.

All that is the low-hanging fruit. Read next week’s blog for the truly cool way that Cloud Workspace® Management Suite uses APIs to keep your End Customers more secure. In the meantime, we’d love to hear from you. or 844.645.6789. Follow us on social media: Twitter | Facebook | LinkedIn.

Why We Blog

At CloudJumper, we are a team of thought-leaders, always seeking to answer, what if? That’s how we came to build the industry’s most robust and easiest VDI/WVD orchestration & management tool.

We seek to bring that same energy to our blog. Weekly, team members from across our company come here to share their thoughts, opinions, and observations about what makes the cloud go. Want to add your own opinion?

We’d love to hear from you! And please remember to share our postings.