BeyondCorp - Beyond "Fortress" Security

Explore Google's BeyondCorp security model in this 29-minute conference talk from BSidesSF 2017. Discover how the traditional "fortress" approach to network security is becoming obsolete in the face of mobile and cloud technologies. Learn about the four key issues undermining the castle approach and Google's six-year mission to develop BeyondCorp. Examine the evolution of infrastructure and identity management as they move beyond physical boundaries. Delve into the core principles of BeyondCorp, including user and device authentication, access policy enforcement, and the deployment of unprivileged networks. Gain insights into implementing this new security paradigm, which grants access based on device and user credentials regardless of location, eliminating the need for traditional VPNs. Understand how BeyondCorp can be applied to businesses to enhance security in an increasingly mobile and cloud-based work environment.

Intro
GCP gives developers the power to build with Google's tools and infrastructure
Four issues are wrecking the castle approach
Google's six year Beyond Corp mission (2011-2017)
Similar visions of the future
Evolution: Infra leaves the building
Evolution: Identity leaves the building
Where Are The Risks?
Solutions
Ideal access policy for ERP application
Core principles of Beyond Corp
High level
Know your users
Know your devices
Build and enforce access policy
Enable access from anywhere
Deploy an unprivileged network
Safely migrate devices
Lessons learned