Google expands its zero-trust security model, BeyondCorp, with context-aware access capabilities in its cloud-based Identity-Aware Proxy service. With this, the company hopes that BeyondCorp will be used more widely by enterprise customers.
The zero-trust security model is a framework in which access controls are shifted from the perimeter to individual users and devices, writes Silicon Angle. Employees can therefore work safely from any location, without having to set up a VPN.
Operation
The Google model was developed in 2010 for its own use, after the tech giant became the victim of Chinese hackers who gained access to the network and stole intellectual property.
A zero-trust access control does not look at whether users from inside or outside the network are requesting access. The model assumes that a user requesting access from within the network is just as unreliable as someone wanting remote access.
As a result, access requests are approved or rejected based on details about the specific user, his work and the security status of the device being used.
New possibilities
Google is convinced of the advantages of this model, which encourages large companies to use it as well. As part of this promotional campaign, the tech giant recently improved the context-aware access capabilities of his Identity-Aware Proxy service. This service is intended to help companies and organizations protect themselves against unauthorized access to their virtual machines.
The possibility was made available as a preview in January of this year and is now generally available. For example, the new feature allows administrators to give a specific group of users access to virtual machines based on their identity and the context of their request.
The biggest advantage of this is convenience. All this can be done without the virtual machines needing a public IP address and no bastion hosts need to be set up. Bastion hosts are special nodes that are set up to filter incoming traffic.
The new features are available immediately via the admin control panel in the Google Cloud Platform.
This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.