BeyondCorp Meetup: Google Security for Everyone Else
Ivan Dwyer
The BeyondCorpSF Meetup group hosted its monthly event at Heavybit on Mar 9th, bringing together security & IT professionals interested in learning about the future of cloud native security architectures.
When a highly sophisticated APT attack named Operation Aurora occurred in 2009, Google began to reimagine its security architecture through an initiative called BeyondCorp. The primary goal was to improve security with regard to how employees access internal applications. The end result allows Google employees to work securely from any location without the use of a VPN.
Unlike the traditional perimeter security model, BeyondCorp dispels the notion of network segmentation as the primary mechanism for granting access. Instead, all internal applications are deployed to the public Internet, only accessible through a dynamic user and device-centric authentication & authorization model.
Many organizations, big and small, have taken note of BeyondCorp and are now looking to achieve a similar ‘Zero Trust’ security framework of their own. As a leading provider of Access Management solutions that follow this model, we at ScaleFT have taken the lead in building a community of forward-thinking individuals interested in learning from Google’s efforts. We organize the BeyondCorpSF and BeyondCorpATX Meetup groups, maintain the BeyondCorp website, and curate a weekly newsletter of related news & articles. The community is growing at a rapid pace, and we had a great turnout for this Meetup.
How Zero Trust Changes Identity & Access
A by-product of the Zero Trust model is that the lines are blurring between privileged and non-privileged access management. Access management has traditionally been segmented based on resource type and user function; a new class of cloud native solutions is emerging that delivers a more consistent user experience.
In this talk, I introduce a new concept of Enterprise Identity based on the principles of BeyondCorp – which accounts for the user plus their device at a specific point in time. With this view of Identity, more intelligent authentication and authorization decisions can be made in real-time, better protecting companies from potential insider threats.
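An added example, not code from the talk, ScaleFT or Google: a minimal access decision in which identity is the user plus their device at a point in time, and the source network is never an input. The policy table, device attributes and time limits are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# All names, groups and thresholds below are assumptions made for this example.
MAX_POSTURE_AGE = timedelta(hours=1)    # how long a device report stays trustworthy
CREDENTIAL_TTL = timedelta(minutes=10)  # an "allow" is only valid for a short window
APP_POLICY = {"payroll": "finance", "wiki": "employees"}  # app -> required group

@dataclass(frozen=True)
class Device:
    device_id: str
    managed: bool          # present in the company device inventory
    disk_encrypted: bool
    posture_reported_at: datetime

@dataclass(frozen=True)
class Identity:
    """The user plus their device at a specific point in time."""
    user: str
    groups: frozenset
    device: Device
    at: datetime

@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str
    expires_at: Optional[datetime] = None

def authorize(identity: Identity, app: str) -> Decision:
    """Decide from user and device state only; there is no network parameter."""
    required = APP_POLICY.get(app)
    if required is None:
        return Decision(False, "unknown application")
    if required not in identity.groups:
        return Decision(False, "user not in required group")
    dev = identity.device
    if not (dev.managed and dev.disk_encrypted):
        return Decision(False, "device does not meet posture requirements")
    age = identity.at - dev.posture_reported_at
    if age < timedelta(0) or age > MAX_POSTURE_AGE:
        return Decision(False, "device posture report is stale")
    return Decision(True, "ok", expires_at=identity.at + CREDENTIAL_TTL)

if __name__ == "__main__":
    now = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)  # constructed sample data
    laptop = Device("laptop-1", True, True, now - timedelta(minutes=5))
    alice = Identity("alice", frozenset({"finance"}), laptop, now)
    print(authorize(alice, "payroll"))
```

Because the decision carries its own expiry and depends on a fresh device report, the same user on the same laptop is re-evaluated rather than trusted indefinitely.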
What’s really interesting is that this new approach to access management will have a number of significant market effects, impacting several established product categories. The battle for Identity Governance will heat up with the rise of the cloud, and the Zero Trust model could even lead to the demise of the VPN. Watch this space.