answersnsa.blogg.se

14 November 2022 - 20:38
Beyondcorp initiative
Allmänt
Beyondcorp initiative





beyondcorp initiative beyondcorp initiative

Seven years later, we are fortunate to be able to look at BeyondCorp as evidence that the Zero Trust model works, it is possible to implement, and that the users will love it. Google recognized this fact earlier than most, and thus began their BeyondCorp initiative in 2010. Once on the inside, an attacker essentially has the proverbial keys to the kingdom, leaving companies vulnerable with little to no insight into what’s going on. It makes sense at first glance - why not simply make the network we understand so well accessible from the outside by people who are part of the company? Well technically, VPNs do exactly what they’re supposed to do in this regard, but they are failing to keep unwanted users out because they don’t factor in the context surrounding the traffic, making it easier and easier to spoof a valid credential. Until now, the typical reactive response to this new environment has been to implement a VPN or some sort of software-defined perimeter. We’ve witnessed the impact of digital transformation over the past decade, and we’re now approaching a similar era of security transformation led by the Zero Trust model. More employees are working remote from a wide range of mobile devices, and more applications are being operated as a service in the cloud. The seismic shift from traditional perimeter security measures towards that of the Zero Trust model can really be boiled down to a single key fact - the modern workforce is no longer constrained by the walls of the office. Any company looking towards the Zero Trust model for their own security should approach from a similar architectural perspective, recognizing that it will take a collaborative effort across the organization that accounts for people and process as much as it does technology. This is a nice soundbite as it speaks to a friendlier user experience for the thousands of Googlers working across the globe, but it was really the revolutionary design of the architecture and careful implementation of the system that made it possible. When Google talks about their BeyondCorp initiative, they often do so in terms of the final outcome - eliminating their need for a corporate VPN.

beyondcorp initiative

This is part 1 in a series of blog posts dedicated to helping companies learn what it takes to achieve a Zero Trust security architecture of their own much like Google’s BeyondCorp.







Beyondcorp initiative
0 kommentar(er)
Om Mig: