Stories
Slash Boxes
Comments

SoylentNews is people

No Firewalls, No Problem for Google Workers

posted by janrinok on Friday February 17 2017, @03:31AM   Printer-friendly
from the trust-no-one dept.

MrPlow writes:

Submitted via IRC for chromas

Google may have sent the tired castle analogy of network security's soft center protected by a tough exterior out to pasture for good.

On Tuesday at RSA Conference, Google shared the seven-year journey of its internal BeyondCorp rollout where it affirms trust based on what it knows about its users and devices connecting to its networks. And all of this is done at the expense—or lack thereof—of firewalls and traditional network security gear.

Director of security Heather Adkins said the company's security engineers had their Eureka moment seven years ago, envisioning a world without walls and daring to challenge the assumption that existing walls were working as advertised.

"We acknowledged that we had to identify [users] because of their device, and had to move all authentication to the device," Adkins said.

Google, probably quicker than most enterprises, understood how mobility was going to change productivity and employee satisfaction. It also knew that connecting to corporate resources living behind the firewall via a VPN wasn't a longterm solution, especially for those connecting on low-speed mobile networks where reliability quickly became an issue.

The solution was to flip the problem on its head and treat every network as untrusted, and grant access to services based on what was known about users and their device. All access to services, Adkins said, must then be authenticated, authorized and on encrypted connections.

"This was the mission six years ago, to work successfully from untrusted networks without the use of a VPN," Adkins said.

Source: https://threatpost.com/no-firewalls-no-problem-for-google/123748/

Original Submission

 
This discussion has been archived. No new comments can be posted.
No Firewalls, No Problem for Google Workers | Log In/Create an Account | Top | 15 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Friday February 17 2017, @05:57PM

    by Anonymous Coward on Friday February 17 2017, @05:57PM (#468276)

    If people actually do this, then they should be fired. I suppose laptops could be chained to desks; maybe do both.

    At my workplace we physically remove WiFi chips. The main network doesn't route to the Internet; you use a separate computer on a separate network if you want to browse the web. Nobody would walk out with a computer. Even the obsolete equipment is secured: we physically destroy hard drives before we discard them.

    Anything less, and you should expect a Chinese competitor to replicate your product (they have the plans) and underbid you (they know your pricing tactics). You should also expect to get screwed by any Chinese suppliers you may have (they know how much you would pay before walking away from a deal).

  • (Score: 2) by Bot on Saturday February 18 2017, @09:14AM

    by Bot (3902) on Saturday February 18 2017, @09:14AM (#468536) Journal

    OK you sell products. Google products is people and they do not need to secure them, only to keep them enticed. Are you going to put your webmail in china? Alphabet not dangerous enough? Even the search and ranking algorithms might not need to be secret, as long as their parameters are.

    Their laptops are probably glorified terminals anyway.

    --
    Account abandoned.