Google talks about its device centric approach.
Alphabet Inc. business segment Google has revealed about its recent approach when it comes to corporate security. This approach might lay the basis for a model that can be used by other companies.
According to search engine giant, they have now deployed a device centric security in contrast to the conventional model that governs on the physical location of users resulting in “substantially improved the security posture of Google.”
In the Spring issue of ;login, a paper was published that talks about the company’s Beyond Corp initiative in detail. The company had a conventional approach initially that made use of perimeter security firewalls. Back in May, 2015 CIO Journal revealed about the presence of BeyondCorp.
As per the recent model, the access on the resources is linked to the user credentials and device with no regards to the employees network location. This actually means that an employee will be treated as same regardless of what his location is: be it a home, café or office.
The shift however was not that easy to implement and there were numerous challenges associated with it like to manage the complexities whilst dealing with the asset data in the new system as per the paper, every employee device needs to be tracked by Google seamlessly to identify data the employee devices are used to garner corporate apps with relevant information regarding the software on the device has been patched or not. Moreover, even if the device is repaired then even that would be notified.
The authors at Google namely Justin McWilliams, and Max Saltonstall, Barclay Osborn and Betsy Beyer claimed that if the data quality is poor when it comes to asset management then the device loses access unintentionally to the corporate resources. Thus the system will not recognize the user devices then. The problems associated to data quality can happen at a frequent rate when devices are repaired. The components and physical parts of a device are thus replaced or moved within.
The tech giant has refused to comment on the matter except the information that has surfaced in the published paper pertaining to the obstacles for BeyondCorp.
However if any company succeeds in managing data and overcomes the challenges regarding the device from numerous sources then the new system will subsequently help the company in improving the security claims an analyst.
A renowned analyst and Vice President at Gartner Research, Avivah Litan told the CIO Journal, “With rapid growth in online services, devices are in essence the new identities that must be assessed in order to enable secure access.” She further explained, “It’s very smart to build access policies and control engines around inventoried devices, and to continuously assess the risk and trust level of a device’s state before granting that device access to different resources.”
No comments:
Post a Comment