CloudJumper Blog

We Were Born in the Cloud, and You are More Secure Because of it Fri, Apr 12,19  

Share:

In last week’s blog we talked about a least required methodology, and that because we use it, the security of our solution and the End User Computing (EUC) environments created with it are dramatically improved.

This week, we are going a step farther to discuss how we use APIs as a modern design principle to connect our customers to our Cloud Workspace Management Suite SaaS application (CWMS). CloudJumper was born in the cloud, and that continues give us the luxury of building all of our systems to meet cloud specifications, vs having to retrofit code we created for an on-prem solution to – we hope – support a cloud solution. That may seem a small point, but writing a SaaS app is completely different than developing an on-prem managed app.

Our CWMS control plane follows a modern design principal that powers it. We built it using a series of APIs that power everything it does. The end user of the software gets to pick what initiates the command and s/he gets to pick what happens when it triggers the other side. No end users can create new APIs nor can they touch any part of the system that isn’t connecting with the specific API s/he is currently using and has access to use. This methodology makes our solution inherently safer.

Conversely in a standard design principle, the end user logs into a Windows server, and launches a tool that connects to a management program running on a VM. From there, the end user can make all the necessary changes. While this may seem like a subtle difference, this more antiquated way is less a cloud service and more a process of running a program on a server in a data center. In essence, the end user is running a program on a server, not manipulating a web interface as s/her is when using CWMS, and Azure for that matter.

Using this antiquated solution, administrators connecting to the servers running the competition’s control plane program are vulnerable – the login password can get hacked, something could bypass AV, a rogue admin (even a low-level one!) could wreak havoc…  Remember, this is the company’s control plane – the mothership of the company’s EUC environment.  That is way worse than just getting your computer invaded.

At CloudJumper, we don’t run any programs that anyone can access. Instead, the administrator sends API calls that are initiated through our web interface, CWMS, and those send commands to the control plane. Finally, the control plane responds with the appropriate action. No one accesses the control plane – ever.

No doubt, the differences are a bit nuanced, but truly the difference is a thing a beauty and presents a far more secure solution. The modern design principle using APIs can’t be hacked. First, the potential hacker has no ability to get the necessary permissions to connect the API call, and as an added layer of security, these calls are authenticated; then the hacker has no idea what the target is, s/he’s trying to contact. Without a target, that call would simply go into the ether and die.

As a way to loop back to last week’s blog, on top of designing our solution with a modern design principal using APIs, CloudJumper has layered on top of that, a least required methodology ensuring that both our customers and their different staff roles only have the access necessary to do those things needed to oversee and run their own Cloud Workspace environment. Again, a thing of beauty: when you deploy in CWMS, you get a simple-to-use interface for both Azure and all the layers in your EUC environment; you get tight control over how your staffers connect into CWMS; and of course as we have been discussing, you get air-tight security that only comes from a solution using APIs.

We do it this way because we were born in the cloud. Our solution started in the cloud; and we built it taking advantage of everything the cloud had to offer; our team members who built it are extremely intelligent and have been developing for the cloud, since before the cloud was even named, “the cloud.” Okay, chuckle if you will by how many times I can put the word “cloud” into one paragraph, but don’t lose sight of the fact that CloudJumper is both the present and the future. We have been doing this for many years, and since day one, ensuring the security of EUC environments has always been our very top priority. Taking an on-prem program and transitioning it to a cloud solution is really hard, and typically what you get is an on-prem like solution that is now being hosted in a multi-tenant environment in the cloud. The result lacks the tight safety controls needed for today’s business environment.

If you are looking to grow your business in the cloud, it’s time to connect to CloudJumper. We have an inherent understanding of the cloud and how to build the most secure EUC environment solutions. Get in touch with us today at Hello@CloudJumper.com or 844.645.6789. Follow us on social media: Twitter | Facebook | LinkedIn.