SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Google Cloud announces availability of zero trust platform BeyondCorp Enterprise
Wed, 27th Jan 2021
FYI, this story is more than a year old

Google Cloud has announced the availability of BeyondCorp Enterprise, a zero trust platform protected by the company's DDoS protection service.

The platform directly replaces BeyondCorp Remote Access, which was brought to the market in April 2020 as Google's first foray into the zero trust space.

The platform, delivered through the Chrome Browser, provides non-disruptive support through its agentless architecture, Google says. It also leverages platform security built-in — rendered necessary with the rise in software supply chain attacks.

This security includes embedded data and threat protection, which aims to prevent malicious exfiltration and malware infections from the network to the browser. Stronger authentication has also been embedded, Google says, including continuous authorisation for every interaction between a user and a BeyondCorp-protected resource.

Users can also leverage automated public trust SSL certificate lifecycle management for internet-facing BeyondCorp endpoints.

In its announcement, Google stressed the importance of its support from its ecosystem of partners — which it credits as key to its efforts to democratise zero trust technology. It counts several partners as part of its Alliance, including Check Point, Citrix, CrowdStrike, Jamf, Lookout, McAfee, Palo Alto Networks, Tanium and VMware.

The platform is open at the endpoint to incorporate signals from partners, so customers can utilise this information when building access policies.

“As we enter a new era of security, enterprises want a seamless security model attuned to the realities of remote work, cloud applications, and mobile communications,” says Tanium co-founder and CEO Orion Hindawi.

“Zero trust is that model, and critical to its efficacy is the ability to readily assess the health of endpoints. Who is accessing them? Do they contain vulnerabilities? Are they patched and compliant?

“With Google Cloud, we're on a journey to offer today's distributed businesses joint solutions that provide visibility and control into activities across any network to any application for both users and endpoints.

Google Cloud Security vice president and general manager Sunil Potti says the support of its partners was integral to the platform's development.

“Our partners are key to our effort to further promote and democratise this technology,” says Potti.

“The BeyondCorp Alliance allows customers to leverage existing controls to make adoption easier while adding key functionality and intelligence that enables customers to make better access decisions.

Potti also mentions the support of Google's customers, who the company worked with to ‘battle-test' BeyondCorp Enterprise.

Deliveroo vice president of engineering Vaughn Washington says the platform made it easy to bring the zero trust model to its distributed workforce.

“Having secure access to applications and associated data is critical for our business,” says Washington.

“With BeyondCorp Enterprise, we manage security at the app level, which removes the need for traditional VPNs and associated risks.

“With BeyondCorp Enterprise and Chrome Enterprise working together, we have additional visibility and controls to help us keep our data secure.