Lessons from Our Zero Trust Journey

As I am digging deeper into the exciting world of “zero trust” (ZT), I’ve come across this fun blog series that my colleagues wrote about Google’s own journey to ZT.

Now, given that we experience BeyondCorp zero trust-style access every day at work, it is easy to lose track of the fact that getting to this butter-smooth and secure state (yes, both easy and secure, and yes it can be done) took a while. As in: years. Of hard work. By many people. Who are perhaps the best on the planet in this 🙂

First, for the impatient, here are the links to the blog series:

  1. “How Google adopted BeyondCorp”
  2. “How Google adopted BeyondCorp: Part 2 (devices)”
  3. “How Google adopted BeyondCorp: Part 3 (tiered access)”
  4. “How Google adopted BeyondCorp: Part 4 (services)”

Next, some of my favorite quotes follow below:

  • Improving productivity was actually a big part of the story, not only improving security (“When they [employees] were outside the office, they needed to connect via a VPN, creating friction and extending the network perimeter.”)
  • Reminder of the three core principles: “Connecting from a particular network does not determine which service you can access”, “Access to services is granted based on what the infrastructure knows about you and your device”, and “All access to services must be authenticated, authorized and encrypted for every request
  • “Moving to BeyondCorp [A.C. — or any other ZT model] is not a quick, painless exercise. It took us several years just to get most of the basics in place, and to this day we are still continuing to improve and refine our implementation.”
  • “Since every request goes through the core BeyondCorp infrastructure, we needed a global, highly reliable and resilient set of services.” [A.C. — my guess is that this bit is very hard for others to replicate, BTW]
  • “Access decisions depend on the quality of your input data [on users and devices].”
  • Data quality issues and inaccuracies are almost certain to be present in an asset management system of any substantial size, and these issues must be corrected before the data can be utilized in a manner which will have a significant impact on user experience.”
  • “After inventory data has been brought to an acceptable correctness level, mechanisms should be put into place to limit the ability for new inaccuracies to be introduced.” [A.C. — good asset management is a must for ZT to work, and it is really really really hard]
  • “The journey to a BeyondCorp world should start by solving organizational challenges when managing and maintaining data quality in inventory systems. “
  • It may not always be possible to gate an application by the preferred zero trust solution.” [A.C. — this sounds obvious, but this is very useful to keep in mind on your ZT journey; what to do in those cases is covered in Part 4]

There, go read the entire series, if you are into anything ZT. Especially, go read our stuff if you’ve been sucked in by the vendor who promised “magic ZT tomorrow”….

P.S. Those who want more depth, should read the research papers here.

P. .S. Hey … what … you assumed I can only blog about SIEM, no?


Lessons from Our Zero Trust Journey was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.


*** This is a Security Bloggers Network syndicated blog from Stories by Anton Chuvakin on Medium authored by Anton Chuvakin. Read the original post at: https://medium.com/anton-on-security/lessons-from-our-zero-trust-journey-2f404d670d3c?source=rss-11065c9e943e------2