Google Cloud Offers ‘Zero-Trust’ Security

Matthew Broersma,
cloud security

Google Cloud’s BeyondCorp Enterprise eliminates distinction between internal and external users, as enterprises grapple with implications of SolarWinds hack

Google Cloud has rolled out a “zero-trust” security product aimed at helping organisations to adapt to increasingly complex internal and external threats.

The new BeyondCorp Enterprise offering, which is generally available, replaces BeyondCorp Remote Access, introduced last April as Google’s first zero-trust product.

The offering is based on a system Google uses internally, designed to allow staff to access systems from untrusted networks without the use of a VPN.

Google began developing BeyondCorp internally in 2010, after the company and other tech giants fell victim to Chinese hackers who stole intellectual property from their internal networks.

M2M: The Future of Cybersecurity
M2M: The Future of Cybersecurity

Internal security

In 2011 Google rolled out BeyondCorp internally, shifting access controls from the network perimeter to individual users and devices.

The “zero-trust” methodology involves making no distinction between internal and external users, and doing away with the assumption that the internal network is secure.

The technology, delivered via Google’s Chrome browser, assigns rules and policies to workloads, virtual machines or network connections, allowing necessary actions and connections and blocking everything else.

The concept is timely, coming on the heels of last year’s SolarWinds hack that saw a widely used network monitoring tool infiltrated by nation-state hackers.

Google’s launch of BeyondCorp Remote Access last year was also brought forward in response to the massive increase in remote working brought on by the Covid-19 pandemic.

Hybrid networks

Google said the Chrome browser functions as a “zero-trust OS” that sits atop customers’ hybrid environments and provides security from endpoints to applications.

The company offers a global network with 144 edge locations in more than 200 countries and territories, allowing users to work from anywhere while relying on BeyondCorp’s security capabilities.

“We’ve been on this journey for over a decade with our own implementation of BeyondCorp, a technology suite we use internally to protect Google’s applications, data, and users,”said Google Cloud Security senior vice president and general manager Sunil Potti.

“Living and breathing zero-trust for this long, we know that organisations need a solution that will not only improve their security posture, but also deliver a simple experience for users and administrators,” he added.