Google enables zero-trust remote access w/o a VPN

Google rolls out BeyondCorp for secure remote network access ...

Google is rolling out BeyondCorp Remote Access, a new security service designed to allow remote access of internal systems without using a VPN. It uses a “zero-trust approach,” which would typically require some kind of additional authentication before granting access to an external source. When companies want to allow limited access to partners or contractors, it can be tricky to set up a secure but limited set of access rules. At the same time, when the number of remote connections suddenly soars, the VPN architecture may not be equipped to handle the load.

Inside Google, BeyondCorp avoids the need for a VPN through a design that includes a database of every device authorized to connect, a security certificate installed on that device, and integration with a human resources database that includes information about usernames and group memberships. From the employee side, they enter the network remotely through a single sign-on system that authenticates them across the internal databases, making the process fairly seamless. There is no need to install or configure a separate piece of software. With BeyondCorp Remote Access, companies facing similar issues, whether they are Google Cloud customers or not, can use this version to help directly solve those problems.