BeyondTrust Privileged Remote Access vs. JumpCloud

BeyondTrust Privileged Remote Access is well suited to grand monitored privileged access to resources. It works in a proxy mode so end-users don't have direct access to servers. This can help prevent attacks on servers from users' machines since all the traffic to the servers goes through the Privileged Remote Access server which performs auth according to the policies. In cases where direct access to the servers/service from the end-user's machine is required, it is a little bit complicated to set up that kind of connection using protocol tunneling.

JumpCloud is least suited in situations where you have few devices, but lots of users. JumpCloud heavily focuses on the "One-User-One-Device" type of use, and does lack some of the features things like Active Directory is better suited for when having multiple users accessing one machine. Their Powershell APIs are fantastic and getting only more powerful. Lots of features are hidden behind these APIs, so admins not as familiar with Powershell would have more issues leveraging these tools. BYOD deployments are amazing, especially for macOS devices that are using Apple Business Manager and can leverage Zero Touch deployments. It is especially good at handling mixed systems, whereas other options, such as Jamf, are really suiting only for macOS, or Intune is more suited for Windows; JumpCloud managed to handle both systems well.

• It's comprehensive, intelligent and easy to use.
• It has lots of features i.e. it allows special commands to be used whereas the other programs don't allow them.
• This tool is effective in allowing you to access all your applications through a single sign-on page.
• Actively manage the ongoing operational use of network devices, hardware, and application access via Secure App.
• Bomgar Privileged Access deploys on-premises via a hardened physical or virtual appliance, or through the Bomgar Secure Cloud.

Incentivized

• User Management - The ability to control our users and set password/polices is made easy in the JC console
• Device Management - Using JC each user is assigned to their own device with only the rights to do their job - When elevated rights are required, this is done simply via the JC console for the period of time required
• SSO - Using JC's SAML SSO integrations we are building out our SSO offering and this is making for a much simpler daily user experience

Incentivized

• One way to use it is by using a machine as an access proxy, this machine being Linux, has limitations such as copy and paste and does not allow access to more than one web access.
• Improve the desktop application view.

Incentivized

• SSO via OpenID - Opening up their SSO from just SAML to including OpenID (OAuth) would allow us to make more use of the service and to also incorporate it into some internal testing suites
• Time Limited User Elevation - The ability to time limit a users elevation of privileges would be a great addition
• Extending device management to include LPA - Least Privilege Access is becoming a bigger ask from our external auditors - Being able to do this via JC would be amazing

Incentivized

This review was originally written partially in Portuguese and those parts have been translated into English using a third-party translation tool. While we strive for accuracy, some nuances or meanings may not be perfectly captured.

Incentivized

It accomplishes all of our remote access needs, our users require little to no training when being setup for remote access for the first time.

Incentivized

It's simple. I like how JumpCloud keeps things simple. Similar to Apple's ecosystem, they give you what you want with some extra features and bells and whistles but it doesn't take a large instruction manual to use it. They have the support system and KB articles to back up their product and learn about a feature and how to implement it

Incentivized

I have rarely contacted support. When I have, the responses were within expected time frames, and easy to access. Community support is incredible, both from the JumpCloud representatives, and the user base community at large. The support pages on the website also are typically very well written and strike a nice balance between having the technical information needed, and also being easy to understand for the small business types that might not have as much of a technical background as an IT Admin.

Being responsible for choosing the product after a POC and pilot we found the process to be simple and effective

Incentivized

The main factor is the ease of implementation and also its use in everyday life.

Incentivized

Incentivized

Some features would make more sense for us to be bundled by machine, instead of the user. We have fewer machines, and multiple users log into one machine, so doing something like paying per user for services like Patch Management are difficult to warrant the cost. I also feel a more complete package that includes common addon features; Patch Management and Password Manager, would be an improvement. It would also be nice if we could change packages, addons, and other billing services via self-service instead of reaching out to our account manager.

services and professional team and support teams are good

Incentivized

• Improve security by improving the management of external remote access
• Help us meet Remote Access Compliance Requirements by creating audit trails, session forensics, and giving access monitoring and reporting data
• Simplify employee access and workflows by giving employees the exact amount of privileged access to systems and applications they need, without hindering productivity or overwhelming the service desk

• Very easily add, or disable employee logins
• Reduce "password fatigue" by being able to reduce password expiration requirements, and having single sign on
• Higher security and visibility of security issues
• Reduced onboarding time from days to minutes
• Enabled easy reassignment of user accounts to another user via groups when employees leave
• Quick securing of terminated users, or otherwise compromised accounts
• Reduced user disablement time from previous manual methods requiring days, to literal minutes