For one, the product uses Google's network, so it benefits from its global scale, low latency and reliability. While zero-trust access solutions exist from other companies, Potti believes some differentiators make Google's solution stand out from the rest. Then that 60 per cent to 70 per cent goes up to 80 per cent, 90 per cent and 100 per cent depending on how much you allow us to control your input." "That's the unique aspect of this particular solution: There's so much metadata and signals and learning that we could be doing behind the scenes to provide a very high degree of contextual access control. I would say that 60 per cent to 70 per cent of the core value is outside of the endpoint." There's a ton of behind-the-scenes machine learning technology that's being applied to provide that context-aware access control. We know that you've used your session in the past. It's not just the browser headers information, Potti says. This is particularly useful when dealing with staffers working from non-enterprise-managed personal devices.
#Beyondcorp for the rest of us install#
The platform uses signals and metadata collected through the browser or through an optional endpoint agent with a small footprint to establish user identity and determine the security state of the device.Ĭustomers can opt to use only the context-aware signals collected through the browser, but for a higher degree of accuracy and security, they can ask employees to install the agent.
Google plans to expand the technology in the future to cover non-HTTP-based services and applications. The control plane and data plane related to access control is then done in the cloud.
#Beyondcorp for the rest of us plus#
With the advent of Covid-19, some of the core elements and technologies behind that approach have been accelerated into a product that allows companies to use basically the same infrastructure that enables 100,000 plus Google employees to work from home, he says.įor now the platform can only enforce access controls for web-based applications, which means that companies connect their previously internal web-based apps to Google Cloud. "We've been actively working for the past few years to bring a version of BeyondCorp technology, which we pioneered many years ago, to the enterprise," Sunil Potti, vice president and general manager for Google Cloud, tells CSO. This poses significant challenges because the existing VPNs companies had in place were not designed to handle a sudden explosion of remote workers.īecause infrastructure is hard and expensive to scale, experts believe that this is a good opportunity to pilot zero trust networking, as it is more cost efficient and future proof. The Covid-19 pandemic has forced many organisations to adapt to a new reality where much of their staff have to work from home. All users are treated as external users and are subject to the same identity and security checks before being granted access to resources. With BeyondCorp and zero-trust access in general, there is no network perimeter.
With a lot of IT infrastructure moving to the cloud and enterprises having to accommodate outside contractors in addition to their own remote employees, having security policies tied to a strictly defined network perimeter has become increasingly hard. The company calls its approach BeyondCorp, and it is centred around the idea of access to applications and services being granted based on user and device identity and security posture regardless of their location in respect to the traditional corporate network perimeter.
0 kommentar(er)
