BeyondCorp with Robert Sadowski

On this episode of the podcast, our old pal Mark Mirchandani is joined by special guest host Max Saltonstall to talk trust and security with fellow Googler Rob Sadowski. BeyondCorp is Google's answer to allowing employees to use company networks on any device while outside the building in a way that is both secure and efficient. Users are authenticated per session and per device to give access only to the specific person, on the specific device, for the specific job each time. In addition to the thorough authentication process, BeyondCorp continues to monitor device metadata during use as part of the system's decision to continue to trust (or not trust) a user. With this information, if a user accidentally exposes the system to malware, for example, access can be revoked quickly.

Max and Rob explain the steps Google went through to create such a state-of-the-art security program and give tips on how companies can build something similar. Codifying your employees' needs and preferences, detailing the levels of trust you'll allow, and thinking ahead about where in the world your employees will be when they access the system are some of their tips. Rob stresses how complicated the system was to build from scratch and emphasizes that with BeyondCorp Remote Access, companies don't have to build a whole new system.

BeyondCorp Remote Access offers automatic scaling and world-wide points of presence for a fast user experience anywhere in the world. Companies can define access rules for each user, setting trust levels and parameters for who can access what parts of the network. Rob points out that this is a great solution, not only for employees who find themselves working from home due to the current global climate, but also for freelance or contract workers who only need access to parts of the internal system.

Rob Sadowski

Rob Sadowski is the Trust & Security Product Lead for Google Cloud at Google. He is responsible for creating and delivering Google Cloud's security message, spanning platforms, applications, and connected devices.

Cool things of the week

• Using Bigtable's monitoring tools, meant for a petabyte-scale database, to… make art blog
  • GCP Podcast Episode 192: Cloud Bigtable with Billy Jacobson podcast
• A simple, secure way for teams to meet and work: G Suite Essentials is here blog

Interview

• BeyondCorp site
• BeyondCorp Remote Access site
• BeyondCorp: A New Approach to Enterprise Security paper
• BeyondCorp: Design to Deployment at Google paper
• BeyondCorp: The Access Proxy paper
• Migrating to BeyondCorp: Maintaining Productivity While Improving Security paper
• BeyondCorp: The User Experience paper
• BeyondCorp 6: Building a Healthy Fleet paper
• NYC Cyber Command site

Tip of the week

This week, Max talks about 2-step verification, security keys, and why you need them!

What's something cool you're working on?

Max is working on Stack Chat at Home (coming soon!), BeyondCorp in a Bottle, as well as Ring Fit Adventure and Just Dance video games.

Sound Effect Attribution

• "Clarinet Multiphonics" by jfcharles of Freesound.org