Confidential + Proprietary
BeyondCorp: A New Approach to Enterprise Security
Federico Scrinzi, October 2016
$ whoami
Federico Scrinzi, Site Reliability Engineer at Google
● We "keep Google up"
● I solve Rubik's cubes
● I capture flags
● I like speck :)
A convergence of issues
An increasingly mobile workforce.
A plethora of client devices used by this mobile workforce.
The emergence of Cloud services.
Concerns about Cyber Attacks and our attack surface.
BeyondCorp means ...
1. Access to services is granted based on what we know about you and your device.
2. Connecting from a particular network must not determine which services you can access.
3. All access to services must be authenticated, authorized and encrypted.
Our Five Year Mission
● To re-architect the Corporate Infrastructure to remove any privileges that have been granted solely on the basis of having a private IP address.
or put another way
● To remove the need for a privileged Corporate network.
or put another way
● To have every Google employee work successfully from untrusted networks, without use of a VPN.
Know your Devices
Keep an accurate device inventory.
Uniquely identify each device.
Know your Users
Keep an accurate user inventory.
Identify groups that users are in.
Externalize Single Sign On.
Build a Trust Model
Dynamically calculate trust of devices.
Multiple, on demand, data sources.
Policy driven.
Enforce Access Policy
Access depends on who you are.
Access depends on what groups you are in.
Access depends on the trust level of device you are using.
Policy driven.
Enable Access from anywhere
Same access from inside.
Same access from outside.
Migrating to BeyondCorp
Fifteen years of Corporate Infrastructure.
Fifteen years of assuming a privileged Intranet.
Problem Definition:
Move to BeyondCorp … but don't break anyone.
The Managed Non-Privileged (MNP) Network
A brand new network VLAN.
Equivalent to an external network (no privilege).
Deployed across the company.
But how to get every device on MNP safely?
Analyse our Network Traffic
Record and analyze our daily traffic.
Identify workflows that would fail on new unprivileged network.
Fix and repeat.
Safely Migrate Devices
Qualify workflows / job functions.
Encourage users off the VPN.
Analyze device traffic patterns.
=> Migrate devices only when safe to do so.
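An added example for the two slides above (Analyse our Network Traffic, Safely Migrate Devices); it is not tooling from the talk or from Google. It takes constructed flow records, flags flows that reach RFC 1918 addresses directly (the kind of workflow that only works because the client sits on a privileged network), groups them by destination service so each can be fixed, and lists the source devices that produced no such flows and are therefore candidates for migration to MNP. The record format, the sample addresses and the "direct private destination means it breaks" rule are assumptions.

```python
"""Flag privileged-network workflows in flow logs (added example, not Google's tooling)."""
import ipaddress
from collections import Counter, defaultdict

# RFC 1918 ranges: reachable only because a client sits on the privileged intranet.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample records: "<src_ip> <dst_ip> <dst_port> <proto>", one flow per line.
SAMPLE_FLOWS = """\
10.1.2.3 172.16.5.10 443 tcp
10.1.2.3 8.8.8.8 53 udp
10.1.2.3 192.168.100.7 22 tcp
10.1.2.3 1.1.1.1 443 tcp
10.1.2.4 172.16.5.10 443 tcp
10.1.2.4 192.168.100.9 445 tcp
10.1.2.5 8.8.8.8 53 udp
10.1.2.5 8.8.4.4 443 tcp
"""


def is_rfc1918(addr) -> bool:
    """True if addr (str or ip_address) lies in a private RFC 1918 range."""
    ip = ipaddress.ip_address(addr)
    return ip.version == 4 and any(ip in net for net in RFC1918)


def parse_flows(text: str):
    """Parse the assumed record format into (src, dst, port, proto) tuples."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        src, dst, port, proto = line.split()
        flows.append((str(ipaddress.ip_address(src)), str(ipaddress.ip_address(dst)), int(port), proto))
    return flows


def would_break_on_mnp(dst: str) -> bool:
    """A flow that goes straight to a private address has no route on an
    unprivileged network, so the workflow behind it would fail there."""
    return is_rfc1918(dst)


def at_risk_services(flows) -> Counter:
    """Count at-risk flows per (dst, port, proto): each key is a workflow to fix."""
    counts = Counter()
    for _src, dst, port, proto in flows:
        if would_break_on_mnp(dst):
            counts[(dst, port, proto)] += 1
    return counts


def safe_to_migrate(flows) -> set:
    """Source devices with no at-risk flows in the sample window."""
    risky = defaultdict(int)
    sources = set()
    for src, dst, _port, _proto in flows:
        sources.add(src)
        if would_break_on_mnp(dst):
            risky[src] += 1
    return {s for s in sources if risky[s] == 0}


if __name__ == "__main__":
    flows = parse_flows(SAMPLE_FLOWS)
    for (dst, port, proto), n in at_risk_services(flows).most_common():
        print(f"fix before migrating: {dst}:{port}/{proto} ({n} flows)")
    print("safe to migrate:", sorted(safe_to_migrate(flows)))
```

In practice the window matters: a device that looks clean over one day may use a private-only service once a month, which is why the slides say "fix and repeat" rather than migrate after a single pass.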
How we executed on BeyondCorp
Multi-year, cross-functional program.
High level executive support.
Top level company goal for a number of years.
Lots of interest
Interest from many organizations.
Reviewed in the Wall Street Journal:
“Google Moves its Corporate Applications to the Internet” (1)
“Google Reveals Details About Its Device-Centric Security Approach” (2)
Industry definitely moving in this direction.
(1) http://blogs.wsj.com/cio/2015/05/11/google-moves-its-corporate-applications-to-the-internet/
(2) http://blogs.wsj.com/cio/2016/04/05/google-reveals-details-about-its-device-centric-security-approach/
In a nutshell
1. Relying on perimeter defense is risky.
2. Have zero trust in your network.
3. Base all access decisions on what you know about the user and their device.