Fischer Identity as a Service vs. JumpCloud

Fischer is well suited for the use case scenarios where an institution has not previously used any identity management and needs to quickly provide services to meet regulatory or other deadlines. It also works well when you can implement in smaller batches of user accounts and grow over time. We have found it less appropriate for cases where we have needed to set up on-off temporary or special access. Fischer has worked with us on out-of-band provisioning but we had to pay for extra Fischer professional services to make that work.

Incentivized

JumpCloud is least suited in situations where you have few devices, but lots of users. JumpCloud heavily focuses on the "One-User-One-Device" type of use, and does lack some of the features things like Active Directory is better suited for when having multiple users accessing one machine. Their Powershell APIs are fantastic and getting only more powerful. Lots of features are hidden behind these APIs, so admins not as familiar with Powershell would have more issues leveraging these tools. BYOD deployments are amazing, especially for macOS devices that are using Apple Business Manager and can leverage Zero Touch deployments. It is especially good at handling mixed systems, whereas other options, such as Jamf, are really suiting only for macOS, or Intune is more suited for Windows; JumpCloud managed to handle both systems well.

• Integration with ERP
• Integration with Account Directory
• Integration with Office 365
• Password Reset Portal

Incentivized

• User Management - The ability to control our users and set password/polices is made easy in the JC console
• Device Management - Using JC each user is assigned to their own device with only the rights to do their job - When elevated rights are required, this is done simply via the JC console for the period of time required
• SSO - Using JC's SAML SSO integrations we are building out our SSO offering and this is making for a much simpler daily user experience

Incentivized

• Reducing the frequency (twice a month) of scheduled outages. But I believe they are making progress toward developing a more robust cloud infrastructure that will eliminate the need for such frequent downtimes.
• There are some less than intuitive administration tools, which could be improved. Fisher is always willing to help us when we don't understand the proper way to configure using the tools.
• I would like a streamlined way to move changes from our test environment into our production (live) environment instead of having to duplicate the effort.

Incentivized

• SSO via OpenID - Opening up their SSO from just SAML to including OpenID (OAuth) would allow us to make more use of the service and to also incorporate it into some internal testing suites
• Time Limited User Elevation - The ability to time limit a users elevation of privileges would be a great addition
• Extending device management to include LPA - Least Privilege Access is becoming a bigger ask from our external auditors - Being able to do this via JC would be amazing

Incentivized

It's simple. I like how JumpCloud keeps things simple. Similar to Apple's ecosystem, they give you what you want with some extra features and bells and whistles but it doesn't take a large instruction manual to use it. They have the support system and KB articles to back up their product and learn about a feature and how to implement it

Incentivized

I have rarely contacted support. When I have, the responses were within expected time frames, and easy to access. Community support is incredible, both from the JumpCloud representatives, and the user base community at large. The support pages on the website also are typically very well written and strike a nice balance between having the technical information needed, and also being easy to understand for the small business types that might not have as much of a technical background as an IT Admin.

Being responsible for choosing the product after a POC and pilot we found the process to be simple and effective

Incentivized

It does deliver as advertised, provided you do your homework and understand the expected outcome before going live. Poor planning can turn the project into a nightmare. It can save the company a good deal of man hours and money by bringing about identity management automation, a self-service portal, and customizable email notifications for all of the identity owners and other stakeholders. For example, you can inform your HR team upon successful account creation and disablement. You can proactively reach out to users informing them about their account extirpation status, etc.

Incentivized

Incentivized

Some features would make more sense for us to be bundled by machine, instead of the user. We have fewer machines, and multiple users log into one machine, so doing something like paying per user for services like Patch Management are difficult to warrant the cost. I also feel a more complete package that includes common addon features; Patch Management and Password Manager, would be an improvement. It would also be nice if we could change packages, addons, and other billing services via self-service instead of reaching out to our account manager.

services and professional team and support teams are good

Incentivized

• Fischer has had a positive impact by providing self-serve identity and password management tools that our constituents can use at their convience, not tied to our operational hours.
• Fisher Identity as a Service has been a significant cost, but it is anticipated that it saves our students significant time and effort that they can better dedicate to their academic pursuits.
• Negative initial reaction--as this was a new way of doing things, there was a period of confusion among our college constituent that required additional communication and instruction

Incentivized

• Very easily add, or disable employee logins
• Reduce "password fatigue" by being able to reduce password expiration requirements, and having single sign on
• Higher security and visibility of security issues
• Reduced onboarding time from days to minutes
• Enabled easy reassignment of user accounts to another user via groups when employees leave
• Quick securing of terminated users, or otherwise compromised accounts
• Reduced user disablement time from previous manual methods requiring days, to literal minutes