« Previous 1 2 3 4
Zero Trust as a security strategy
Beyond the Patch
Zero Trust – No Alternatives
Anyone who has ever struggled as I have with the sometimes unusable infrastructure services of German corporate IT will sooner or later come to the conclusion that BeyondCorp is an absolute must-have. Many companies shy away from this realization because it requires a huge rebuild of their own infrastructure. For this reason, it is not possible to share tips or advice here with regard to individual components.
Anyone who gets around to implementing a zero trust concept for their own company usually starts on a green field and redesigns their IT application landscape, leading to unease and costly outlays. Google itself, however, proves with statistics from its own business that BeyondCorp does pay off in the long run. Higher employee effectiveness, a less complex infrastructure to maintain, and fewer sprawling processes in the company are just a few of the benefits that ultimately show up in the bottom line.
Of course, Google wouldn't be Google if the company hadn't long ago bundled BeyondCorp into a boxed product that is available for a price. The provider even offers migration consultancy to interested customers. Google has long since ceased to be the only player on the market. If you do not want to commit to Google's services, and they do play a major role in BeyondCorp, you will find similar approaches and complete packages on offer from other providers. Additionally, a market of consulting companies now exist that can implement similar concepts with on-premises components in the customer's data center.
Conclusions
Endpoint security can only work if the device that the user relies on is part of a tight network of security functions. From today's perspective, it is grossly negligent simply to assume no danger from a client on the VPN. Anyone who has had to deal with procedures of this type from an admin point of view will be aware that it can make daily operations extremely tiresome.
Truly, most companies in Europe are still fighting against the realization that the principle of the secure network has had its day. However, this strategy is not sustainable. The principle of "better late than never" applies here. If you decide to implement a comparable strategy today, you have the option, or at least a perspective, of getting away from the IT of the past. However, if you continue to resist, you can expect to be faced with an increasingly difficult-to-maintain and convoluted infrastructure.
Infos
- BeyondCorp: https://cloud.google.com/beyondcorp
« Previous 1 2 3 4
Buy this article as PDF
(incl. VAT)