Google has released a new security whitepaper that extends the papers it has previously published, in order to help enterprises direct their scaling process.
This new version was launched on December 17th, with the goal of helping enterprises scale their own tools using the new approach to cloud-native security. It is named BeyondProd and is very similar to the earlier BeyondCorp zero-trust system.
The difference between the two is that the BeyondCorp zero-trust system launched a couple of years earlier to aid enterprises with security systems and approaches. That system is meant to move security away from VPNs and firewalls and closer to individual users and devices.
BeyondProd is an extended version of BeyondCorp that covers Google's zero-trust approach to connecting machines, workloads, and services. BeyondProd is very similar to BeyondCorp and shares many of its features.
Some of the shared features are network protection at the end, automated and standardized change rollout, isolated workloads, trusted machines running known code, and no mutual trust between services.
“In the same way that BeyondCorp helped us to evolve beyond a perimeter-based security model, BeyondProd represents a similar leap forward in our approach to production security. By applying the security principles in the BeyondProd model to your own cloud-native infrastructure, you can benefit from our experience, to strengthen the deployment of your workloads, how your/their communications are secured, and how they affect other workloads,” Google said.
The new approach focuses on improving the overall security of cloud-native applications that communicate over APIs and run on modern infrastructure. Extra security is also good for budget control, as it keeps spending in check and reduces the money spent on unnecessary security recovery issues.
All of these features will be available to developers through a variety of Google's services, such as GKE and Anthos, its hybrid cloud platform. Many open-source tools are also offered to allow developers to create new systems that attach to Envoy, gVisor, and Istio, among other such platforms.
Google also elaborated that, “altogether, these controls mean that containers and the microservices running inside can be deployed, communicate with each other, and run next to each other, securely; without burdening individual microservice developers with the security and implementation details of the underlying infrastructure.”