It’s RSA week here in San Francisco (and Valentine’s Day), which means surge pricing is in full effect. To fully grasp the scope of the conference, check out the website OneLogin built just to track all the RSA parties. Kudos to anyone who attempts to make an appearance at all of these.
My original intention was to spend the first day of RSA at the Cloud Security Alliance Summit, but by the time I arrived at 9:30, they weren’t letting anyone else in. Oh well. Today and tomorrow, I will be attending the Google Security Talks (on time), and plan to write up a blog post reviewing the talks and panels by next week’s newsletter. Until then, here are a few things that caught my attention this past week.
BeyondCorp For The Rest Of Us [Duo Security Blog]
As BeyondCorp continues to generate buzz across the security community, more and more vendors are adopting the principles into their offerings, and an ecosystem is forming to help companies down the Zero Trust path. In that spirit, Duo Security has released their BeyondCorp-inspired product, named Duo Beyond.
It’s time to rethink using remote access VPNs for third-party access [HelpNet Security]
In the context of outcomes, BeyondCorp can be seen as a VPN killer. Dennis Griffin from Vidder explains the reasoning against VPNs for third-party access. Where I’ll disagree here is with SDP as the solution. Zero Trust is more aligned with how modern organizations operate.
Endpoint security is the new sexy: F-Secure CEO [CSO Online]
Hard not to shake my head with that headline, but the point Samu Konttinen is making is that the efforts to mitigate risk are moving away from the network to the endpoints. That’s because criminals are more focused on targeting the endpoints, since that’s where the credentials are. Strong case for Zero Trust.
Uber Debuts SSH Key Authentication Module [ThreatPost]
A key piece of any security architecture is PKI, which poses challenges in a Zero Trust model given the static nature of the credentials. To solve this for internal use, Uber built their own PAM module to better manage employees’ SSH keys. As Netflix did with BLESS, they open-sourced it to the community.
Keep Employees Secure, Wherever They Are [DarkReading]
Google designed BeyondCorp the way they did to deal with their globally distributed workforce. They’re not alone in having remote employees, so how can other companies maintain secure BYOD environments? Matthew Gyde explains how best to secure a mobile workforce in today’s environment.
As mentioned in last week’s newsletter, ScaleFT CTO Paul Querna will be joining a panel discussion on Identity and Access tomorrow at the Google Security Talks. It’s free and open to all, but space is limited, so be sure to RSVP here.
That does it for this week. Check back this time next week for another set of relevant news, articles, and events. Cheers,
Ivan at ScaleFT