GOOGLE CLOUD SECURITY WEEKS #5


Bye Bye VPN – welcome Google Cloud BeyondCorp Enterprise

So quickly time has passed now and we are in the 5th and final week of our Google Cloud Security Weeks. This time we would like to take a closer look at the topic of integration and security with existing infrastructure. Last week we briefly touched on the topic of VPN and Identity Aware Proxy for services provisioned in the cloud. For scenarios where it is necessary to fall back on the local data center and hybrid solutions, Google specifically offers a cloud solution called BeyondCorp Enterprise. 

With BeyondCorp, Google provides a concept that is used within the company itself and ensures the security of its own employees. Google does not rely on a conventional VPN solution, as one might expect, but relies on a more complex approach that puts several parameters in context in order to grant access. Google Cloud customers can go one step further and combine the power and scalability of the cloud in combination with the infrastructure from their own data center to provide applications safely and securely even without a VPN.

For this purpose, a secure connection is established between the customer’s own data center and the Google Cloud where a proxy is configured in the cloud. 

But many of you will certainly ask themselves what advantage such a solution actually offers? You can start on the end user side. For companies using BeyondCorp, there is no need for a separate VPN client for each user; all that is needed is an internet browser to access the application. 

On the enterprise side, there is no need for an expensive hardware investment for an enterprise VPN gateway, you just configure a piece of software that scales with the number of users and it does not represent a bottleneck anymore.

In addition, we mentioned data exfiltration in one of our first articles. With BeyondCorp Enterprise, additional Google Cloud services can be integrated, such as the Data Loss Prevention API (DLP API). With this it is possible to define rules to filter out or mask personally identifiable data or particularly sensitive information such as credit card data during download.   

But of course, the variety of integrations does not end here. Once a connection to the cloud has been established, the remaining services can also be used that go beyond the capacity of the in-house infrastructure.  

Does this sound exciting and does it meet exactly your pain that you currently have with your solution? Get in touch with us and we will show you how you can easily implement all this in your company. As a goodie, we offer a free audit in cooperation with Google, which gives you an overview of the status quo in your company.

You have missed the fourth week article of our Google Cloud Security Weeks? Don’t worry and follow the link to continue reading → https://happtiq.link/ngiy

Sign up to our newsletter and stay up to date with the latest news!