Zero Trust and Google
Yup, checks out
Google has productised a remote-access tool it uses internally, because it thinks the world might be quite keen on this sort of thing right now. The tool is called "BeyondCorp" and the search'n'ad giant deployed it in 2011 to provide access to its own web apps. The company describes it as being able to pull off tricks such as …
I think I speak for the majority of people on these forums when I say "it'll be a cold day in hell before I run all my web traffic through a Google proxy".
However, I can see a good number of the less tech savvy being taken in when they open Chrome/search on Google, see a great big call-to-action saying "Install BeyondCorp for safer, more secure web browsing!" or somesuch, and immediately clicking that "download & install" button - much the same way the Chrome became the #1 browser.
Again, a prime example of why Google needs to be split up, and all internal / inter-product interations being made publicly visible.
[Data slurp inc.]
Far from being an in-depth computer tech, I did install Blokada on my android device.
Glancing at the logs it is frightening to see how many entries there are trying to connect to some *google domain, even with the most basic filters enabled.
i don't see how beyondcorp could be rolled out to an enterprise any quicker than a vpn.
I thought that if you used google suite anyway then you could login from anywhere and access that data.
I have no issue connecting to my corps google suite from outside on my own devices. we do use Ping ID too which may be a differentiator.
It's a proxy, so you don't have to install software on every end-user machine. You just have to push out a browser proxy configuration, or have people enter it manually. And it works the same on all end-user platforms (modulo browser issues), so you don't need versions for different platforms.
That said - eh, it's a proxy. HTTP proxies were pretty exciting in, what, 1996? Surely there are other firms with commercially-supported security-enhanced proxies, not to mention open-source alternatives.
I swear that sounds like a fictional evil corporation from a horror movie - a shadowy entity that would edit human DNA or leave you stranded on a mining planet with angry aliens. Corporation = Evil, BeyondCorp = Beyond Evil. I Googled the name but only got pleasant looking links back. It must all be fine.
Sorry, thought you asked how MUCH it was for the duration of the great eyeball grab of 2020.
Continued pricing after having migrated over and gotten all of your employees dependent on it was my first question about cloudflare's "solution". The answer I assume varies dependent on the outcome of negotiations with an account manager, as the list price of $5/user/month is not far off of just giving every user their own virtual desktop to RDP in to.
I can't imagine the sort of business with internal web apps hosted on a corporate network is going to be in the price range that it is cost effective compared to setting up an apache reverse proxy with your favourite authentication module enabled. However, the cloudflare option does allow you to blame someone else (who has no liability, of course) when bolting authentication on to an insecure app and accessing it from an untrusted device bites you in the GDPR.
Biting the hand that feeds IT © 1998–2020