Google Launched Zero Trust Security Platform BeyondCorp Enterprise

Google has announced BeyondCorp Enterprise’s launch, a zero trust security platform that extends and replaces BeyondCorp Remote Access. The product was designed to know how Google keeps its network safe without depending on a VPN.

BeyondCorp Enterprise was released in response to global cybersecurity incidents that make companies revise their security plans as attackers turn more sophisticated and skillful. Google describes it as “a zero trust solution that enables secure access with integrated threat and data protection.”

It’s been more than a decade that Google is internally using BeyondCorp to protect Google’s applications, data, and users, said Sunil Potti, Vice President and General Manager of Google Cloud Security.

“BeyondCorp Enterprise brings this modern, proven technology to organizations so they can get started on their own zero trust journey,” Potti wrote in the blog. “Living and breathing zero trust for this long, we know that organizations need a solution that will not only improve their security posture but also deliver a simple experience for users and administrators.”

The newly launched platform successfully replaces and improves BeyondCorp Remote Access with Google’s subscription-based zero trust service launched in April by the company with a vision to help remote employees access internal applications without using a VPN.

Zero trust is defined as the IT security concept that all users, including those inside the enterprise network, need to authenticate, authorize, and continuously validate before being granted or keeping access to applications and data.

According to Potti, BeyondCorp Enterprise serves three significant benefits to customers and partners:

• A reliable and scalable zero trust platform structured in a secure and agentless manner including non-disruptive, agentless support via the Chrome Browser, Google’s global network with 144 network edge locations in more than 200 countries and territories, a wholly protected surface by Google’s DDoS protection service and built-in, verifiable security.
• Continuous and real-time end-to-end protection sums up embedded data and threat protection in Chrome, phishing-resistant authentication, with ongoing authorization for every interaction between protected resource and a user, end-to-end security, and automated public trust SSL certificate lifecycle management.
• A system that is open, extensible, and built on an expanding ecosystem of technology partners in Google’s BeyondCorp Alliance, available at the endpoint to incorporate signals from security partners and extensible to the app to allow integration services from partners.

Looking at the company’s decade-long zero trust journey, Potti expressed – Customers can’t “merely flip a switch” to implement zero trust in their organizations.

“Nonetheless, these enterprises understand the zero trust journey is an imperative,” Potti wrote. “As a result, we’ve invested many years in bringing our customers a solution that is cost-effective and requires minimal disruption to existing deployments and business processes, using trust, reliability and scale as our primary design criteria.”