Google has rolled out BeyondCorp, a cloud-based product to help employees acres internal company web apps from any device and location. Most companies have resorted to having employees work from home but accessing the critical apps becomes a hustle due to change of location and devices.
BeyondCorp is a subset product of Google’s other capabilities. It is specifically designed specifically for quickly enabling secure access to internal browser-based apps hosted on GCP or on-premise or other clouds. The app offers a simpler VPN replacement. It also helps to select only the right users to access the information.
BeyondCorp Remote Access allows an admin to set a specific policy for the team. For example contract HR recruiters working from home on their own laptops. While only granting them access to a web-based document management system if they are using the latest version of the OS as well as phishing-resistant authentication.
“Over the last few weeks, we’ve had numerous conversations with customers about how we can help them adapt to new ways of working. While keeping their data protected,” Google Cloud’s Sunil Potti and Sampath Srinivas wrote in a blog post.
Existing remote-access VPNs are difficult to deploy for large numbers of workers at once. Also the nature of perimeter-based security si problematic when granting remote access to an extended workforce that can include contractors and temporary workers.
“To help customers solve this problem and get their workers the access they need, today, we’re introducing BeyondCorp Remote Access. This cloud solution—based on the zero-trust approach we’ve used internally for almost a decade. It lets your employees and extended workforce access internal web apps from virtually any device, anywhere. Without a traditional remote-access VPN.”
Contrary to traditional perimeter-based security systems. BeyondCorp relies on verification of context, like your identity and the device you’re using, to grant access to apps. It routes all traffic through a proxy to determine the identity of a user. And what internal data they’re allowed to access in the given context.
Over time, Google plans to offer these capabilities, control and additional protections for any application that needs user access. The new tool uses the BeyondCorp framework, a zero-trust approach to security. Google adopted it for its own mobile workforce back in 2011.