The rise in remote workers, along with the advent of cloud services and SaaS apps, has drastically changed the way modern companies operate. The traditional security model, centered around protecting the perimeter, breaks down in this world, leaving corporate networks more exposed than ever to the threat of insider attacks.
The Zero Trust model has recently emerged as an alternative, providing a better architecture for protecting sensitive company resources. This paper explains how Zero Trust lowers the attack surface of employees and contractors accessing sensitive company resources.
In this brief, you’ll learn:
- The Challenge Facing Businesses Today
- How Google Got it Right With BeyondCorp
- That Zero Trust is BeyondCorp For Everyone Else
- Why Go Zero Trust For Managing Remote Access
- How ScaleFT Works for Remote Access
Traditionally, VPNs have played the role of controlling access when employees need to get to company resources from outside the privileged network. But today’s corporate environments, where distributed cloud environments are the norm, the network is no longer an effective method for determining trust. In addition, the poor user experience of VPNs often frustrates users enough to try to take shortcuts, opening up additional security risks.
A new method for IT security is needed – one that focuses less on a privileged corporate network and more on the surrounding context of who is attempting to access what from which device. This is a transformative shift from how enterprises operate today, but a necessary one to keep up with the times.
In response to a 2009 nation state attack, Google began an internal initiative to completely redesign their corporate security architecture from the ground up. The project, named BeyondCorp, does away with the concept of a privileged corporate network entirely, assumes that all traffic is untrusted by default – much like the public Internet. In this model, access controls are shifted from the network to the individual users and devices attempting to connect to corporate resources. Every request is authenticated and authorized in real-time against configurable policies that account for the dynamic nature of users and their devices. Verify, then trust… every time.
From an implementation viewpoint, BeyondCorp is specific to Google, but the initiative can be seen as a real world example of a Zero Trust network. Originally coined by Forrester Research, Zero Trust is a modern enterprise security framework more in line with how companies operate in the cloud. For those who want BeyondCorp protection like Google, Zero Trust is the right path to follow.
Implementing a BeyondCorp-inspired system within your own company may appear out of reach when looking at it purely through the lens of Google’s own experience, however. After all, they spent years on the project with a large dedicated team backed by strong executive support. How can companies who don’t operate at Google’s level of scale achieve a similar outcome in a feasible manner?
ScaleFT recognized this need, and has built the industry’s first Zero Trust platform as a service that companies can easily implement to better manage how employees and contractors access sensitive company resources. The ScaleFT platform provides the backbone of your end-to-end Zero Trust environment, tightly integrating with your identity provider, fleet management, logging services, and more. When it all comes together, you will have a BeyondCorp-inspired architecture of your own protecting your company from the threat of insider attacks.
Want to learn more about Zero Trust for managing employee and contractor access? Download the paper.