By George Lattimore Posted April 20, 2019
According to Google®, “BeyondCorp is a security model that builds upon seven years of building zero trust networks at Google.” But, what exactly are the benefits of a BeyondCorp implementation based on a Zero Trust Model? Well, as the creator of the BeyondCorp security model implementation, and by extension a pioneer in Zero Trust Security, Google believes there are a number of them. Before diving into the benefits, let’s first understand what exactly a Zero Trust Security model entails, why Google is so excited about it, and how you can potentially leverage it in your own organization.
Why Google Values Zero Trust Security
The concept of Zero Trust Security is quite important in today’s modern cloud era. Presented as a revolutionary security model back in 2009, Zero Trust Security has since been widely adopted as a significant upgrade over the traditional domain model. With burgeoning cloud infrastructure, web applications, macOS® and Linux® systems, cloud and physical file servers, WiFi, and more, the IT network has dramatically changed and moved away from the traditional perimeter-based, Windows® domain model.
In order for security to account for the wide variety of endpoints emerging in the cloud, Zero Trust Security recognizes that all network traffic and users simply can’t be trusted. This shift in approach encompasses cloud resources that the traditional domain model struggles to cover, and significantly reduces the blind spots for cyber attacks to enter the network.
Google knew of the traditional domain blindspots early in the cloud era and realized then that a different approach to security was needed. No matter whether Google independently created their version of Zero Trust Security or not, the BeyondCorp model implementation has since become a lighthouse approach for Zero Trust Security deployments. Organizations need a way to centrally manage and secure user access to resources, networks, and machines. Today’s users are mobile, so their IT resources need to be mobile as well—making security more important than ever.
How IAM Realizes Zero Trust Security Ideals
While most organizations obviously don’t have the resources and expertise of Google, a key idea behind BeyondCorp was to enable and encourage other organizations to build commercial solutions that can help fulfill the needs and demands that will ultimately arise from the BeyondCorp model. In Google’s own words, “The guiding principles set forth by Google help pave the path for other organizations to realize their own implementation of a Zero Trust network.” Essentially, Google’s assumption of a completely untrusted IT environment laid the groundwork for other IT organizations to follow and third-party vendors to develop solutions around identity, device, network, and application security.
While this framework may sound ideal in theory, how exactly can organizations actually implement the principles of BeyondCorp? Well, since BeyondCorp is based on Zero Trust Security, and Zero Trust Security is a primary framework for modern identity and access management (IAM) platforms, organizations of all sizes can use IAM platforms as a bridge to modernize their security practices.
Through diligent and steadfast identity verification, system validation, and network security with an identity access and management platform, organizations are seeing the benefits of BeyondCorp firsthand. Verifying users are who they say they are and then providing them with access to the appropriate IT resources is a vital component of IAM. Verifying incoming traffic with an IAM platform is reinforced by authenticating network access through unique logins and then segmenting user access into different VLANs.
Next Gen Identity Provider
In particular, the BeyondCorp approach to IAM is encapsulated by the next generation identity provider called Directory-as-a-Service®. As a 100% cloud-based, centralized identity and access management platform, Directory-as-a-Service is enabling organizations to implement the principles of BeyondCorp and a Zero Trust Network.
If you’d like to understand more about how Directory-as-a-Service helps organizations achieve the benefits of BeyondCorp, send us a note or get started exploring the platform for yourself. First 10 users are on the house, forever.