June 20th, 2017
The BeyondCorp security engineering team at Google just announced their fourth research paper: Migrating to BeyondCorp: Maintaining Productivity While Improving Security.
For those that aren’t familiar with it, BeyondCorp is a security approach used by Google that allows employees to work from anywhere, quickly and easily.
This is easier said than done. In 2010, we undertook a massive project to rethink how to provide employees with secure remote access to applications: We moved away from our corporate VPN, and introduced BeyondCorp, a zero-trust network security model.
With BeyondCorp, we no longer have a binary access model, where you are either inside the whole corporate network, with all the access that allows, or outside and completely locked out of applications. Our new approach provides a better, more convenient, and less risky way: access to individual services as you need them, based on who you are and what machine you’re using.
While BeyondCorp makes applications easily accessible from anywhere, it also improves security in other ways. Over the course of the migration we’ve discovered services that we thought were long dead, because this change required taking a detailed look at our traffic, our dependencies and our employee usage patterns. It’s also allowed us to scale globally while reducing our attack surface, and increased our ability to provide access when appropriate.
This March, we began offering elements of BeyondCorp to other organizations, in the form of Cloud Identity-Aware Proxy (IAP). Already, Cloud IAP has helped Google Cloud customers put fine-grained access controls on their critical internal services and applications based on region, time, role or group. More importantly, Cloud IAP removes obstacles to getting work done. Authorized employees get in, wherever they are, and do their job, or Cloud IAP blocks them, because they aren’t supposed to have access.
BeyondCorp: a work in progress
At Google, we’ve been on our BeyondCorp journey for several years, gradually shifting more of our traffic and services away from a segmented, privileged corporate network and onto the public internet and cloud.
You may be wondering how to move to a similar model. What do you need to do? What’s the potential impact on your company and your employees? The latest installment of our research paper describes how we kept people productive at Google while shifting our security model. It covers:
The process of migrating individuals to our non-privileged network
How we supported the effort through our TechStop infrastructure (local and remote service desks)
How to handle edge cases
Diagnostic tools to troubleshoot access denials
The importance of self-service documentation
Why to run a publicity campaign about the project.
In the end, we moved to this new system successfully by breaking up the work into discrete chunks, parallelizing as much as possible, and focusing on the end-user experience. To learn more about the BeyondCorp approach and determine whether it’s the right fit for your business, read all four public research papers:
And to discuss whether BeyondCorp and Cloud Identity-Aware Proxy are right for your business, give us a shout—we’d love to hear from you.