Cloud Computing was such a seismic shift to the technology industry that trying to discuss it as a single concept is like trying to nail down condensed water vapor. In what context do we mean Cloud? What kind of business are we talking about? What does change mean?
Consider how your business operates, physically. Workers come into offices, remote workers log in from home, warehouses are connected to logistics systems. Digital transformation is moving more and more interactions, both with customers and between employees, onto digital channels. The trouble is, most businesses use the old, antiquated methods to lock down devices and connect workers to insecure, private corporate networks.
As soon as the Internet was born, companies deployed private networks just for corporate services and accessed them remotely through VPNs.
As an analogy, think of the corporate network as a medieval walled fortress, with a moat, roving guards and a tightly controlled gatehouse. Inside the castle are goods and services which are lightly protected, because after all that is what the walls are for. Everyday workers trek from wherever they live, queue through the castle gatehouse and spend their entire day in the castle. Everything the workers need to do their job is in the castle and they feel safe. So far so good.
Things began to change when trade and commerce started happening outside the castle walls. Workers could not access the tools and products to innovate. The security at the gatehouses could not tell friend from foe. The castle was compromised by attackers who walked through the gates.
The traditional Corporate private network is very much like the castle. Security is placed at the perimeter, some checks are done at the VPN connection and the private corporate network (inside the walls) is considered trusted.
The Illusion of Network-Based Security
In 2008, the hacker group Operation Aurora targeted 20+ tech companies. The event was discovered to be a state-sponsored attack which targeted the weakly defended services within corporate networks. Forensic analysis of the attack found two methods for gaining access:
- Credentials phished
- Malware on end-user’s devices
The primary conclusion was that the private networks in which the corporate end-user devices reside were the weak spot. Once inside a VPN, an attacker had far too much access to soft targets and could navigate unhindered across the corporate network and attack corporate assets.
[The Source Control Systems] were wide open, no one ever thought about securing them, yet these were the crown jewels of most of these companies in many ways — much more valuable than any financial or personally identifiable data that they may have and spend so much time and effort protecting.
— Dmitri Alperovitch, McAfee
Some of the problems with current corporate private/VPN-based network security are that the One-Time-Passwords required for access to VPNs are easily phished, and that applying firewall rules and opening ports across all of the different user types, partners and devices is not a scalable process.
Working remotely and SaaS productivity tools further complicate the ability to protect critical services, and mobile devices do not work well with VPNs. Using the traditional approach to network security is like having a strong exterior with a soft inside.
Traditional corporate networks are failing to provide security and protection for corporate services as more and more workers access them from remote locations on a diverse set of devices. IT departments have tried to address security at the perimeter and run into blockers:
- Difficulty in finding a unified access management solution for both infrastructure and end-user computing needs with a track record of innovation and quality for a long-term bet
- Complexity of integrating multiple point solutions (IAM, IaaS, productivity) that often results in sub-par user experiences and fragmented security
- Higher cost of buying and maintaining independent point solutions
What does this have to do with Cloud?
Users increasingly access their business critical apps on the devices that make the most sense for how they work. However, traditional access management solutions such as remote-access VPN gateways often put security at odds with flexibility by imposing one-size-fits-all, coarse-grained controls that limit users.
A cloud-centric approach is the alternative to the traditional network-based access model. Access is based on the user's identity and the context of the request. This approach was pioneered by Google under the BeyondCorp label.
BeyondCorp can be boiled down to a few key tenets:
- Trust no network.
- Every request to applications or data must be encrypted, authenticated and authorized.
- Treat every application and API as if it is on the internet.
Repeat the above tenets multiple times… until it sinks in.
This is another fundamental shift that Cloud is bringing to how businesses operate. Protect the data and services, not the network — which is probably already compromised. Even code repositories holding Google Search code, the most important and valuable asset Google has, are “on the internet”.
The BeyondCorp vision is without question the future of enterprise IT. BeyondCorp is an enterprise security model that builds upon 6 years of building zero trust networks at Google, combined with best-of-breed ideas and practices from the community.
— Steve Pugh
With internet-based devices and data in the cloud, traditional solutions that assume trust based on network presence are no longer viable. Context-aware access relies on the identity of the user and the context of the request to control access to company resources. In addition, context-aware access enables customers to grant granular access to specific workloads and apps rather than the one-size-fits-all approach that is common with network-based solutions. Finally, context-aware access provides an intuitive user experience for accessing apps and infrastructure in the cloud without the complexity of remote-access VPN gateways.
Context-aware access is an approach in access management that builds upon the BeyondCorp principles:
- Connecting from a particular network must not determine which services you can access.
- Access to services is granted based on what we know about you and your device.
- All access to services must be authenticated, authorized and encrypted.
What makes this different from previous attempts to secure the corporate perimeter is that every request and every application is evaluated individually. The focus is on the data and services, not on the network the end device happens to be connected to. Some of the other key components of context-aware access:
- Attributes: The Context of the user and request matter
- Policy: Define and apply policies which apply conditional access to both the end-user device and the requested resource
- Apps & data: Protect and encrypt all critical data, treat as if it is on the Internet
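To make the BeyondCorp tenets and the attribute/policy components above concrete, here is an added example (not code from the original post or from Google): a small access-decision function that checks encryption, authentication and authorization for every request, uses device and group attributes as policy inputs, and deliberately derives no trust from the source network. The resource names, groups, address ranges and policy rules are all hypothetical.

```python
from dataclasses import dataclass, field
from typing import Optional, Tuple
import ipaddress

# Constructed "castle" address range; presence on it grants nothing below.
CORP_NET = ipaddress.ip_network("10.0.0.0/8")

@dataclass
class Request:
    user: Optional[str]      # None means the request is unauthenticated
    resource: str
    src_ip: str
    tls: bool                # transport encrypted?
    device_managed: bool     # device enrolled in management (attribute)
    device_patched: bool     # device meets patch baseline (attribute)
    groups: frozenset = field(default_factory=frozenset)

# Hypothetical policy: per resource, the attributes a request must satisfy.
# Sensitive source control requires a managed, patched device; the wiki does not.
POLICY = {
    "wiki":        {"groups": {"employees"},   "managed": False, "patched": False},
    "source-ctrl": {"groups": {"engineering"}, "managed": True,  "patched": True},
}

def decide(req: Request) -> Tuple[bool, str]:
    """Return (allowed, reason). Order of checks: encrypted, authenticated,
    authorized, then device posture. The source network is never a condition."""
    if not req.tls:
        return False, "not encrypted"
    if req.user is None:
        return False, "not authenticated"
    rule = POLICY.get(req.resource)
    if rule is None:
        return False, "unknown resource (default deny)"
    if not rule["groups"] & req.groups:
        return False, "user not authorized for resource"
    if rule["managed"] and not req.device_managed:
        return False, "device not managed"
    if rule["patched"] and not req.device_patched:
        return False, "device not patched"
    # Whether the request came from the corporate network is only recorded
    # for audit; it adds no trust, per "trust no network".
    on_corp = ipaddress.ip_address(req.src_ip) in CORP_NET
    return True, f"allowed (from corp network: {on_corp}; no trust derived from it)"

if __name__ == "__main__":
    eng = frozenset({"engineering"})
    print(decide(Request("alice", "source-ctrl", "198.51.100.7", True, True, True, eng)))
    print(decide(Request("alice", "source-ctrl", "10.1.2.3", True, False, True, eng)))
```

The second call shows the core point: an engineer sitting on the corporate network is still refused access to source control because the device attribute, not the network, is what the policy trusts.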
How it works with Google
BeyondCorp is now available as a Google Cloud solution called context-aware access that is powered by Cloud Identity, Identity-Aware Proxy, Identity & Access Management, and VPC Service Controls. Administrators can create granular access control policies to GCP workloads and G Suite based on attributes like user identity, device security status, and IP address.
Context-aware access allows organizations to define and enforce granular access to GCP workloads and G Suite based on a user’s identity and the context (location, device, etc.) of their request, without traditional remote-access VPN gateways. This increases the organization’s security posture while decreasing complexity for users, giving them the ability to seamlessly log on to apps from anywhere and any device.
Context-aware access offers:
- Contextual approach — An innovative, simpler way to secure access to resources based on both user’s identity and context of the request rather than the traditional network-based approach.
- Granular controls — Granular access controls; peace of mind for IT/security teams. Access can be granted granularly to specific workloads and apps. Context-aware access verifies that the user, device, and location are trusted before access is granted.
- Unified management across infrastructure, services, and apps — One platform to secure access to GCP workloads (APIs, resources, apps) and G Suite.
The traditional network security model of the walled castle is not secure for the modern age and hobbles the ability for enterprises to innovate and support a mobile and changing workforce. To address this gap, customers can now use context-aware access, an innovative approach to access management that implements many elements of Google’s BeyondCorp vision for apps and services on Google Cloud and beyond, to help organizations increase security as well as flexibility.