Support Center

JumpCloud Employee/Customer Communication and Extraordinary Access Policy

Methods of Communication With JumpCloud Employees

 

JumpCloud or its employees will never ask for your passwords, API keys, or Connect keys. JumpCloud employees will never alter your JumpCloud tenant or its data. JumpCloud employees will never issue password resets for admins or users. JumpCloud employees will never remove active systems. Additionally, support employees do not have access to perform write actions on JumpCloud tenants. If there is a data integrity or production issue that causes material harm to your tenant engineering may take remediation actions, however, this will only occur after you have been contacted and we have received your express consent.

 

Sales:

JumpCloud does not have a preferred method of communication with Sales. We also do not enforce secure methods of communication with Sales. If you would like to establish a secure method of communication before becoming a customer please contact security@jumpcloud.com and we will be happy to assist you. If you are an existing customer please contact support or your account manager with any concerns about your account.

 

Finance and Legal:

Please send all Finance and Legal requests to finance@jumpcloud.com.

 

Account Managers:

JumpCloud does not have a preferred method of communication with Account Managers. We also do not enforce secure methods of communication with Account Managers. Please note that Account Managers will not be able to help with technical support and do not have access to tenants or their information.

 

Support for Prospective Customers:

All support requests must come in through email. Prospective customers do not need to submit support requests from a specific email or provide additional information. JumpCloud employees will never provide information about active tenants or accounts to others.

 

Support for Active Customers:

All support requests must come in through email. All support requests must come from an active admin account's primary email. All support requests must initially include your organization's ObjectId. If any of these are not met you will be prompted by support to provide any missing information. There are no substitutes for any of these requirements. Phone support may be used after communication via email. Abusive or threatening language will result in that email or phone number being blacklisted. If you would like to establish an alternative method of communication with support or any other JumpCloud employees this must be agreed upon as part of your JumpCloud contract. If you would like additional security when communicating with JumpCloud employees we encourage the use of PGP encryption. If you have any questions about using PGP encryption when contacting JumpCloud or its employees please email security@jumpcloud.com. JumpCloud reserves the right to refuse any communication that is deemed insecure at any point, regardless of information provided.

 

Why do we do enforce such strict communication methods?

JumpCloud and its employees take security very seriously and that includes the security of your JumpCloud tenant. Due to the highly sensitive nature of JumpCloud tenant access, we enforce extreme measures when taking action that could potentially compromise, or lead to compromise of your tenant. JumpCloud operates under the maxim that security trumps both convenience and expediency. We strive very hard to provide a rock solid model of trust for both our customers and their end users. If you have any questions or concerns about JumpCloud's policies regarding communication or security please contact security@jumpcloud.com.

 

Extraordinary Account Recovery Methods

 

Under all scenarios except for a court order, the only action JumpCloud will take is to delete a specific administrator account or an entire tenant.

 

For out of band executive confirmation we will only accept communication via a phone number, email address, or physical address we already have on file (this can include billing or user information). Please do not initiate executive confirmation without prior communication.

 

All police reports will be confirmed independently.

 

If you would like to establish an additional or alternative method of extraordinary account recovery this must be done as part of your service contract with JumpCloud. No additional methods will be considered at the time of a recovery request.

 

Disgruntled Admins:

JumpCloud requires a police report detailing the incident and out of band executive verification of the incident. JumpCloud will delete the admin account in question, however, we will not add additional admin accounts. If the sole admin account is requested to be deleted JumpCloud will delete the entire tenant. Please ensure you have more than one admin account active at all times.

 

Bankruptcy or Closure:

JumpCloud will only accept these requests after there have been no successful logins to systems, user accounts, the user console or the admin console for 180 days. We require a certificate of dissolution and out of band executive verification upon request. If there are any questions about what constitutes a certificate of dissolution please contact support@jumpcloud.com with a valid administrator email and organization ObjectID.

 

General Mistakes or Malfeasance:

JumpCloud requires out of band executive confirmation and a court order from the proper jurisdictions. The court order must explicitly enumerate all actions JumpCloud must take. We will not perform any actions not explicitly stated in the court order. If you have any questions about court orders or what your proper jurisdiction is please contact support@jumpcloud.com with a valid administrator email and organization ObjectID.

 

Cessation of Support:

Under certain circumstances, it can become necessary for companies to request that JumpCloud refuse support requests that might be otherwise properly authenticated. If this occurs JumpCloud requires an initial executive confirmation after which we will ignore all support requests for 24 hours. JumpCloud must then receive a police report or court order before that 24 hours expires, or support will resume with properly authenticated requests and ignore future requests for cessation of support. JumpCloud will determine when the 24 hour period begins and ends.

 

Preventative Access:

JumpCloud understands that in today's modern threat environment security breaches can happen through many different vectors. If your company or tenant is compromised through something other than your JumpCloud account you may request for us to delete either a specific admin account or for total deletion of the tenant. If the sole admin account is requested to be deleted JumpCloud will delete the entire tenant. Please ensure you have more than one admin account active at all times. Preventative access requests require both out of band executive confirmation and a police report. Under no circumstances except a court order will JumpCloud lock accounts, reset passwords, delete systems or user accounts, or modify tenant data. If you would like to establish an additional or alternative method (such as a dead man's switch or an authorized third party) for preventative access this must be done as part of your service contract with JumpCloud. No additional methods will be considered at the time of a request.


 
 

Last Updated: Jan 14, 2019 04:03PM MST

Related Articles
desk-forwarding@jumpcloud.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete