Google expands BeyondCorp alliance to push zero trust security

As the number of remote workers continues to soar, Google is expanding efforts to push a new model for security designed around zero trust. Following the release of its BeyondCorp product earlier this year, the company is adding four new partners to help make this standard more effective and easier to implement.

“The need to quickly provide secure access for a newly remote workforce during the early days of COVID-19 drove many organizations to explore new technologies and start down a path towards a zero trust model,” Sampath Srinivas, director of product management for Google Cloud, wrote in a blog post.As time has passed, it’s become clear that remote work will be a defining characteristic of the new normal, and modernizing security by fully embracing zero trust models is an imperative, not an option.”

The continued adoption of cloud computing has already been driving companies to rethink how they approach security. But as Srinivas notes, the pandemic and the acceleration of trends like work from home and distributed teams has added a new layer of urgency to this security restructuring.

With zero trust security, no user is trusted by default, whether they enter a network internally or externally. Typically, such verification for external users was managed by a VPN.

Earlier this year, Google released BeyondCorp Remote Access, a cloud-based security product based on a system that Google originally built for internal use almost a decade ago. The system replaces a VPN, which can be surprisingly difficult to set up and use, with a system that automates the authentication by placing certificates on devices and then matching them to a secure database.

But that was just a first step. In the blog post, Srinivas said more work needed to be done on zero trust to “democratize this technology, accelerate and ease its adoption to help organizations stay secure, agile, and productive.”

To that end, the company had previously created an alliance of partners that it is now expanding with the goal of offering a suite of products that work together to ease zero trust adoption and implementation. Those previous partners include Check Point, Lookout, Palo Alto Networks, Symantec, and VMware.

The new alliance members include:

  • Citrix: Applications being delivered via Citrix Workspace will now be able to use BeyondCorp’s access controls and policy enforcement. Employees using their personal devices will be able to access the applications without a VPN.
  • CrowdStrike: BeyondCorp will leverage CrowdStrike’s endpoint detection system to reduce a company’s risk of external intrusions.
  • Jamf: Google Cloud and BeyondCorp customers will now be able to use Jamf to ensure that only trusted devices with approved apps can access internal data.
  • Tanium: The company’s Tanium Endpoint Identity will provide monitoring of endpoint devices in real time to make sure any connected devices are both secure and up-to-date.

“Partners who share our vision are an essential part of how we help our customers modernize their security approaches in-place to deliver a better, safer normal,” Srinivas wrote.

Source: Read Full Article