Security is a crucial aspect of any organisation, and it is essential to take it seriously. However, many companies view security as a burden that makes it difficult for everyone, leading to a lack of support from top management. This lack of support can be detrimental to the organisation’s overall security. The talk emphasises the importance of bringing value to the business through a customer-centric approach to security. The focus should be on delivering a secure solution that’s easy and flexible to use rather than just a secure solution. This approach can change the perception of security as a hindrance to security as an enabler.
Prioritising Resource Allocation with a Risk-Based Approach
The talk introduces the concept of zero trust: the idea of putting security in the application rather than at the edges. The old model of securing individual stores with firewalls and other measures was unsuccessful since it always left a hole. The new approach is to identify the crown jewels of the company and protect them, while accepting that not everything can be protected equally. A risk-based approach is needed to allocate resources to the most critical areas.
The weakest link in security is typically the endpoint, which is usually a simplified PC at home. With the rise of remote work, hackers target people working from home, making endpoint security more critical than ever. Protecting the endpoint is crucial, and secure communication and encryption of data and software are also essential. Companies should invest in security devices for employees, especially for those working remotely.
The Google BeyondCorp Strategy
Google recognizes the need for a comprehensive and user-centric security solution that aligns with the digital transformation initiatives of modern businesses. Google BeyondCorp embodies the zero trust philosophy and provides organisations with the tools and infrastructure to enforce strict access control and protect critical data. The core elements of the Google BeyondCorp strategy include:
- Device Trust Levels: By categorising devices based on their security posture and trustworthiness, organisations can grant access levels accordingly. This approach ensures that each device meets the required security standards before accessing resources.
- Application Trust Levels: Applications are assessed based on their criticality and potential impact on the organisation. Trust levels are assigned, and access is granted accordingly.
- Content-Aware Proxy: This component enables the detection of suspicious activities and behaviours, allowing organisations to implement additional security measures when necessary. It includes user and device context, such as location and time of access, to assess risk levels accurately.
- Multi-Factor Authentication (MFA): Google BeyondCorp expands the scope of MFA beyond individual identities to encompass the criticality of data and applications. This approach ensures that the appropriate authentication measures are applied based on the sensitivity of the accessed resources.
Implementing Google BeyondCorp
To transition to the Google BeyondCorp framework, organisations must collaborate with Google’s professional services and technical teams. The implementation involves the following steps:
- Access Control: Organisations define access policies and trust levels based on their unique requirements. The policies specify which devices and users can access certain resources, enabling granular control over data and application access.
- Device and Application Evaluation: Devices are classified into different trust levels based on their security posture. Similarly, applications undergo a business impact analysis to determine their trust levels. This evaluation ensures that the appropriate security measures are applied to each device and application.
- User Experience: Google BeyondCorp aims to provide a seamless and user-friendly experience. Users can access resources using various devices, including personal devices, while adhering to the defined security policies.
- Central Logging: Logging and monitoring play a crucial role in detecting anomalies and potential security breaches. Google BeyondCorp incorporates a central logging system that captures and analyses logs, enabling effective threat detection and response.
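The sketch below shows how the elements above (device trust levels, application trust levels, access context, sensitivity-driven MFA and central logging) can combine into one access decision. It is an added example, not Google's API or code from the talk; the tier names, the sample applications and the "usual country and hours" context rule are assumptions chosen for illustration.

```python
import json
from dataclasses import dataclass
from enum import IntEnum

class Trust(IntEnum):            # hypothetical tier names, ordered low to high
    UNTRUSTED = 0
    PERSONAL = 1
    MANAGED = 2

@dataclass(frozen=True)
class App:
    name: str
    min_device_trust: Trust      # assigned from the business impact analysis
    always_mfa: bool             # sensitive data: MFA regardless of context

@dataclass(frozen=True)
class Request:
    user: str
    device_trust: Trust
    mfa_passed: bool
    country: str
    hour: int                    # local hour of access, 0-23

# Constructed sample policy data, not taken from any real deployment.
WIKI = App("wiki", Trust.PERSONAL, always_mfa=False)
PAYROLL = App("payroll", Trust.MANAGED, always_mfa=True)
USUAL_COUNTRIES = {"alice": {"CH"}}
USUAL_HOURS = range(6, 22)

def decide(req: Request, app: App, log: list) -> str:
    """Return 'allow', 'step_up' or 'deny' and append one central log record."""
    # Unknown users have no usual countries, so their context counts as unusual.
    unusual = (req.country not in USUAL_COUNTRIES.get(req.user, set())
               or req.hour not in USUAL_HOURS)
    if req.device_trust < app.min_device_trust:
        decision, reason = "deny", "device trust below application tier"
    elif (app.always_mfa or unusual) and not req.mfa_passed:
        decision, reason = "step_up", "MFA required by sensitivity or context"
    else:
        decision, reason = "allow", "policy satisfied"
    # Every decision is logged, including allows, so anomalies can be analysed.
    log.append(json.dumps({"user": req.user, "app": app.name,
                           "device_trust": req.device_trust.name,
                           "unusual_context": unusual,
                           "decision": decision, "reason": reason}))
    return decision
```

A personal device reaches the low-tier application without friction, is refused by the high-tier one, and an unusual location triggers step-up MFA even for the low-tier application.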