Perimeter fences down, security posture up – Google shows how it’s done.

Google has revealed how it completely changed its security architecture, shifting from a traditional infrastructure to a more open model in which all network traffic is treated with suspicion.
The project, called BeyondCorp, shifted the company from a perimeter security model to one where access to services and tools is not gated according to a user’s physical location or originating network, but is instead governed by access policies based on information about a device, its state and its associated user.
The architecture was disclosed in a detailed article published on Usenix. “BeyondCorp considers both internal networks and external networks to be completely untrusted, and gates access to applications by dynamically asserting and enforcing levels, or ‘tiers’, of access,” claim the Google engineers behind BeyondCorp.
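The following sketch is an added illustration of that decision model, not code from Google or from the Usenix article. The tier names, device attributes, inventory and resource table are all assumptions constructed for the example. It shows the access decision depending on the device, its state and the associated user, while the source network plays no part.

```python
from dataclasses import dataclass

# Assumed tier names and ordering (not taken from the article).
TIERS = {"untrusted": 0, "basic": 1, "full": 2}

@dataclass(frozen=True)
class Device:
    device_id: str
    owner: str            # user associated with the device
    managed: bool         # known to the company device inventory
    patched: bool         # state: OS patch level is current
    disk_encrypted: bool  # state: storage is encrypted

@dataclass(frozen=True)
class Request:
    user: str
    device_id: str
    source_ip: str        # recorded, but deliberately never consulted
    resource: str

# Constructed sample data.
INVENTORY = {
    "laptop-1": Device("laptop-1", "alice", True, True, True),
    "laptop-2": Device("laptop-2", "alice", True, False, True),
}
GROUPS = {"alice": {"engineering"}}
RESOURCES = {  # resource -> (minimum tier, required group)
    "bug-tracker": ("basic", "engineering"),
    "source-code": ("full", "engineering"),
}

def device_tier(device):
    """Derive the tier from current device state, re-evaluated per request."""
    if device is None or not device.managed:
        return "untrusted"
    if device.patched and device.disk_encrypted:
        return "full"
    return "basic"

def authorize(req, inventory=INVENTORY):
    """Allow only if user, device and device state all satisfy the policy."""
    device = inventory.get(req.device_id)
    min_tier, group = RESOURCES[req.resource]
    if device is None or device.owner != req.user:
        return False
    if group not in GROUPS.get(req.user, set()):
        return False
    return TIERS[device_tier(device)] >= TIERS[min_tier]
```
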
Read more at Computing