World news – Zero Trust 2.0: Google introduces BeyondCorp Enterprise

0
12

Google is making yet another attempt to disbelieve the crowd, and this time the company is integrating its Chrome web browser to deliver the goods.

Google launched BeyondCorp Enterprise on Tuesday. This is the latest version of the company’s Zero Trust networking offering, replacing BeyondCorp Remote Access, which was released last spring in the early stages of the COVID-19 pandemic. Instead of traditional authentication schemes for usernames and passwords on the network perimeter, zero trust models require continuous authorization of users and devices through analysis of behavior, geolocation and other authentication signals.

BeyondCorp Remote Access aims to replace traditional VPNs through a trusted access platform that enforces granular authentication policies. The platform enabled remote employees, business partners and contractors to securely access internal resources or cloud apps and data via internet-based proxies in the Google Cloud Infrastructure that apply encryption as well as access controls and context-sensitive authentication.

BeyondCorp Enterprise extends the Zero – Google’s trust model around Chrome. Instead of deploying agents on endpoint devices, the architecture of the platform is extended through the browser. Chrome has also been updated with embedded data and threat protection features designed to prevent malicious or accidental data exposure and malware infection not just on the device but across the connected network.

During a conference call with reporters, Sunil Potti, general manager and Vice President of Engineering at Google Cloud Security that Chrome essentially acts as a DLP engine within the platform, providing more data and information from the browser’s ecosystem to the authentication process.

« Chrome has emerged as part of BeyondCorp Enterprise, That BeyondCorp Remote Access didn’t exist has evolved into a major player without trust, « said Potti.

According to Potti, adding BeyondCorp through Chrome is an easy way for Google to bring the platform to more than 2 billion browser users . « Even if you’re not a Google customer and have assets only in your data center or just in Amazon or Azure, this offering works equally well with the same fidelity, » he said.

Rick Caccia, head of cloud security marketing at Google Cloud said the idea behind the platform is to continually authenticate every interaction between users, devices and applications. Organizations can create and implement access control policies that constantly check user identity, IP addresses, device information, and other authentication signals in real time, and revoke access at any time if there is a breach.

« Basically, many of the zero trust options focus on that customers have seen elsewhere, on connections from the user to the app or from the user to the network, « he said. « BeyondCorp Enterprise is the only system where every single interaction along the way – user to app, app to app, app to other infrastructure components – is re-authorized until the end. »

Google also said that security providers of Third-party vendors can develop complementary products for new platforms through the BeyondCorp Alliance partner program launched in October. For example, the endpoint security provider Tanium has integrated its platform with BeyondCorp Enterprise so that the two products can exchange security signals and provide more transparency in a company’s environment.

Orion Hindawi, co-founder and CEO of Tanium, said during the press conference, that improved visibility and an increased focus on authentication is critical in light of the recent attacks on SolarWinds’ supply chain. Security experts have stated that account monitoring and zero trust models provide an effective defense against skilled nation-state actors, such as those behind the SolarWinds attacks, which relied on legitimate bank IDs to move sideways through the victims’ surroundings. « Many of our customers are realizing, after SolarWinds, that the number of small businesses that have really, really deep visibility and control over their environment, and may not have great security, is the greatest security risk in their business. » Hindawi added that many third parties have root access to organizations but have weak security attitudes themselves.

BeyondCorp Enterprise was launched a decade after Google first began developing its trusted network model for internal use in 2011. As more and more data, applications, and workloads moved to cloud services, the company sought to remove access control and authentication from the conventional network for individual users and their devices. In 2017, Google released a commercial version of its internal zero trust network model called BeyondCorp.

These tools and methodologies enable security teams to provide analysts with the critical elements necessary to complete a cloud …

The underlying APIs, language selection and cybersecurity functions can vary widely among PaaS providers. But these five security best …

Discover the differences between private and public cloud security and hybrid cloud security before you settle for one …

In this roundup of network blogs experts reveal the critical lessons learned from the SolarWinds hack regarding the network …

As SD-WAN matures in 2021, the technology is expected to include support for integrated remote access, … < From perimeter protection to permanent patching, organizations should regularly review, update, and test their network security …

Appian Founder and CEO Matt Calkins looks at the benefits of hyper-automation and how unified technologies will ultimately help …

Business leaders need to reevaluate their IT roadmap to ensure that it is in line with today’s growing landscape. Deloitte’s IBM Alliance …

IT architecture trends in 2021 include organizing business around components and adding tools to focus on business …

Otter.ai offers subtitle, live transcription and recording options in Google Meet. The features are right with those in Zoom and …

It’s hard to say whether Windows 10 will be the definitive version of the Windows operating system, but a look at the history of Microsoft and …

The leading PC manufacturers Dell, HP and Lenovo have emphasized flexibility at home in their announcements for CES laptops. Remote work has driven …

Manual tasks are time consuming and can lead to errors. Free your IT teams and ensure a flawless environment by …

IBM has been acquiring five providers specializing in cloud-based consulting and managed services since November and would like to …

Even if you’ve already moved some workloads to the cloud, it’s never too early to check out where you’re going and never …

The Conservative Party acted illegally to collect the data Indicate the ethnicity and religious background of the voters.

Threat researchers who specialize in vulnerability research and development appear from a North Korean …

The payment processing company’s IT problem has forced buyers to access cash in Morrisons and Co-op stores

All rights reserved,
Copyright 2000-2021, TechTarget
Privacy Policy

Cookie settings

Don’t sell my personal information

Ref: https://searchsecurity.techtarget.com