back to article Google productises its own not-a-VPN secure remote access tool

Google has productised a remote-access tool it uses internally, because it thinks the world might be quite keen on this sort of thing right now. The tool is called "BeyondCorp" and the search'n'ad giant deployed it in 2011 to provide access to its own web apps. The company describes it as being able to pull off tricks such as …

  1. Locky

    Zero Trust and Google

    Yup, checks out

  2. Anonymous Coward
    Anonymous Coward

    Ah yes, another product on deathrow in a couple of years time.

    1. ratfox Silver badge

      The article says they've been using it internally since 2011 though.

    2. Wzrd1

      Ah yes, another product on deathrow in a couple of years time.

      More like suddenly withdrawn and abandoned.

  3. RyokuMas Silver badge
    Stop

    Coming soon to Chrome...

    I think I speak for the majority of people on these forums when I say "it'll be a cold day in hell before I run all my web traffic through a Google proxy".

    However, I can see a good number of the less tech savvy being taken in when they open Chrome/search on Google, see a great big call-to-action saying "Install BeyondCorp for safer, more secure web browsing!" or somesuch, and immediately clicking that "download & install" button - much the same way the Chrome became the #1 browser.

    Again, a prime example of why Google needs to be split up, and all internal / inter-product interations being made publicly visible.

  4. Pascal Monett Silver badge

    Great, Google has found another way to slurp our data

    I don't care what Google promises, I am not touching their products with a bargepole if I can avoid it.

    1. Anonymous Coward
      Anonymous Coward

      Re: Great, Google has found another way to slurp our data

      [Data slurp inc.]

      Far from being an in-depth computer tech, I did install Blokada on my android device.

      Glancing at the logs it is frightening to see how many entries there are trying to connect to some *google domain, even with the most basic filters enabled.

  5. stiine Silver badge
    FAIL

    the months that it might take to roll out a traditional VPN solution

    If it takes you months to roll out a VPN solution, pack up your laptop and ship it to your HR department along with your resignation.

    1. cipnt

      Re: the months that it might take to roll out a traditional VPN solution

      Hehe, you forget how slow a big corp moves. They're big and complex creatures that don't like to be rushed

      1. HildyJ Silver badge
        Holmes

        Re: the months that it might take to roll out a traditional VPN solution

        Not to mention all the little corps that don't have the tech savvy or personnel to do this themselves.

    2. Ken Hagan Gold badge

      Re: the months that it might take to roll out a traditional VPN solution

      OTOH, it might take a month or two to assess the security risks of a brand new product type, compared to a day or so to weigh up the pros and cons of granting VPN access.

  6. Anonymous Coward
    Anonymous Coward

    Beyond Corp will take months too

    i don't see how beyondcorp could be rolled out to an enterprise any quicker than a vpn.

    I thought that if you used google suite anyway then you could login from anywhere and access that data.

    I have no issue connecting to my corps google suite from outside on my own devices. we do use Ping ID too which may be a differentiator.

    1. Michael Wojcik Silver badge

      Re: Beyond Corp will take months too

      It's a proxy, so you don't have to install software on every end-user machine. You just have to push out a browser proxy configuration, or have people enter it manually. And it works the same on all end-user platforms (modulo browser issues), so you don't need versions for different platforms.

      That said - eh, it's a proxy. HTTP proxies were pretty exciting in, what, 1996? Surely there are other firms with commercially-supported security-enhanced proxies, not to mention open-source alternatives.

      1. tip pc Silver badge

        Re: Beyond Corp will take months too

        Zedscaler offer a Similar offering then too.

  7. jelabarre59 Silver badge

    Remote Desktop

    Google already *HAS* a publicly-available Remote Access tool. It's called "Chrome Remote Desktop" and it's SHIT. Although it *does* have the benefit of being secure, because it doesn't actually WORK.

    1. Wzrd1

      Re: Remote Desktop

      Well, security through brokenness is something.

      The word excrement comes to mind...

  8. Ubermik

    Google doing this?

    Wouldnt that be like letting a child molester baby sit for you?

    1. A.P. Veening Silver badge

      No, that would be like letting a known child molester baby sit for you.

  9. Kevin McMurtrie Silver badge
    Terminator

    BeyondCorp

    I swear that sounds like a fictional evil corporation from a horror movie - a shadowy entity that would edit human DNA or leave you stranded on a mining planet with angry aliens. Corporation = Evil, BeyondCorp = Beyond Evil. I Googled the name but only got pleasant looking links back. It must all be fine.

    1. Wzrd1

      Re: BeyondCorp

      Nonsense and poopycock! They'd not leave the planet to screw you that way.

      That makes them Umbrella Corporation and life in general, Resident Awful.

  10. firebits

    Hello Cloudflare Access, how are you today?

  11. Anonymous Coward
    Anonymous Coward

    Free.

    Sorry, thought you asked how MUCH it was for the duration of the great eyeball grab of 2020.

    Continued pricing after having migrated over and gotten all of your employees dependent on it was my first question about cloudflare's "solution". The answer I assume varies dependent on the outcome of negotiations with an account manager, as the list price of $5/user/month is not far off of just giving every user their own virtual desktop to RDP in to.

    I can't imagine the sort of business with internal web apps hosted on a corporate network is going to be in the price range that it is cost effective compared to setting up an apache reverse proxy with your favourite authentication module enabled. However, the cloudflare option does allow you to blame someone else (who has no liability, of course) when bolting authentication on to an insecure app and accessing it from an untrusted device bites you in the GDPR.

  12. Aron_Pacey

    Its really a great news for vpn users. Need of VPN has risen alot recently as many professionals are working remotely from their homes. Business VPNs like HostNoc and hundreds of other names are trying to facilitate remote employees in this scenario by offering various packages.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020