Header Ads

Breaking News

Google enters zero-trust market with BeyondCorp Remote Access offering


Google is launching a commercial zero-trust remote access service that will allow companies to enable their work-from-home employees to access internal web-based applications without the need of virtual private networks (VPNs). Called BeyondCorp Remote Access, the subscription-based service will be part of Google Cloud’s portfolio and will cost $6 per user per month, but it will not require customers to already be users of Google’s existing cloud-based services or enterprise collaboration tools.

Google has been an early adopter of zero trust network architecture for its own corporate network, a process that started a decade ago and has been documented over the years in a series of papers and blog posts. The company calls its approach BeyondCorp, and it is centered around the idea of access to applications and services being granted based on user and device identity and security posture regardless of their location in respect to the traditional corporate network perimeter.

With a lot of IT infrastructure moving to the cloud and enterprises having to accommodate outside contractors in addition to their own remote employees, having security policies tied to a strictly defined network perimeter has become increasingly hard. With BeyondCorp and zero-trust access in general, there is no network perimeter. All users are treated as external users and are subject to the same identity and security checks before being granted access to resources.

The COVID-19 pandemic has forced many organizations to adapt to a new reality where much of their staff have to work from home. This poses significant challenges because the existing VPNs companies had in place were not designed to handle a sudden explosion of remote workers. Because infrastructure is hard and expensive to scale, experts believe that this is a good opportunity to pilot zero trust networking, as it is more cost efficient and future proof.

“We’ve been actively working for the past few years to bring a version of BeyondCorp technology, which we pioneered many years ago, to the enterprise,” Sunil Potti‎, vice president and general manager for Google Cloud, tells CSO. With the advent of COVID-19, some of the core elements and technologies behind that approach have been accelerated into a product that allows companies to use basically the same infrastructure that enables 100,000 plus Google employees to work from home, he says.

How does BeyondCorp Remote Access work?

For now the platform can only enforce access controls for web-based applications, which means that companies connect their previously internal web-based apps to Google Cloud. The control plane and data plane related to access control is then done in the cloud. Google plans to expand the technology in the future to cover non-HTTP-based services and applications.

Copyright © 2020 IDG Communications, Inc.

Source Link

No comments