Cybersecurity is a constantly growing concern. Hackers and tech companies continue to outdo and then catch up with each other, engaged in an ongoing war to see who can stay one step ahead. To combat this, protection measures have to become more complicated.
Once upon a time, a username and password were the last word in sophisticated security. Then came one-time PINs and two-step verification, followed by fingerprint and facial recognition. Now, the BeyondCorp Approach is considered the best strategy.
The Way the World is Moving
As technology becomes more mobile, cybersecurity gets harder. Rather than all employees working in a single geographic location, they’re doing so everywhere, at all times. Logging in from home at night to finish a big project shows a great work ethic, but it could compromise your system. As you move around and go online using public connections, you become more vulnerable to hacking.
What is BeyondCorp?
This is the name of the Zero Trust Network that Google pioneered in 2009. Cyber criminals were breaching serious boundaries, and a group of Chinese hackers orchestrated a series of attacks called Aurora. They went after Google, Morgan Stanley, Yahoo, Adobe, Dow Chemical and other large firms. In response, Google created a brand new approach to digital security. BeyondCorp was born.
What Does it Do?
The big difference between this and conventional systems is how trust is assigned. In the past, all defences have pointed outwards. Firewalls, anti-virus software, VPNs and other security tools work to keep invaders out of private networks. Once someone gets in, the security protocols presume they are allowed to be there. They can’t distinguish between hackers and legitimate users.
BeyondCorp, on the other hand, assumes a policy of zero trust. Anyone trying to connect to the network is considered a threat until there is evidence that they are not one. One way to think about this is that the old guard adopted an “innocent until proven guilty” approach, whereas now the stance is “guilty until proven innocent”. Once a user is proven to be legitimate, they’re allowed entry.
How is it Done?
Big data is used to analyse how external devices are being used, and what type and volume of information they are submitting. This includes broad-stroke factors such as passwords and login details, but also how quickly an individual types, whether they are holding their smartphone in their left or right hand, and many other subtle indicators.
Taken together, these are as individually distinctive as fingerprints or handwriting. Joe Pindar, a strategist at international digital security company Gemalto, explains that in 2009, only a company as large as Google could take on the big data mining (gathering, storing and analysing the information) that this checking demands. But today, organisations are a lot more familiar with big data sets and are taking this approach increasingly often.
How Will it Help?
Anything unusual about anyone trying to log in is noticed immediately in this approach. Where once it took about 100 days to locate a threat, now it can happen in a matter of hours. Analysis is carried out as soon as a user tries to connect to a network, and the speed at which it is done is one of the best things about BeyondCorp.
Using this system also makes it easier to limit the sections of the network that different users have access to. That way, if the borders are breached, the fallout can be limited and damage control is easier. This works well for now, although hackers will no doubt work out ways around this approach in the not-too-distant future. In the next bout of cybercriminals versus tech companies, security will have to go beyond BeyondCorp.
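The default-deny check and per-user segment limits described above can be sketched in a few lines. This is an added example, not Google's BeyondCorp code or anything from the original article; the user, device ID, segment names, signal weights and threshold are all constructed assumptions.

```python
# Added example: default-deny access decision using behavioural signals.
# Every name, weight, threshold and sample value here is constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class Baseline:
    typing_cpm: float     # usual typing speed, characters per minute
    hand: str             # hand the phone is usually held in
    devices: frozenset    # device IDs previously seen for this user
    segments: frozenset   # network segments this user may reach

@dataclass(frozen=True)
class Attempt:
    user: str
    password_ok: bool
    device_id: str
    typing_cpm: float
    hand: str
    segment: str

BASELINES = {
    "alice": Baseline(310.0, "right", frozenset({"laptop-7f3a"}),
                      frozenset({"wiki", "payroll"})),
}

def risk_score(a: Attempt, b: Baseline) -> float:
    """Sum weighted deviations from the user's baseline (0 = identical)."""
    score = 0.0
    if a.device_id not in b.devices:
        score += 0.5
    # Relative typing-speed deviation, capped so one signal cannot dominate.
    score += min(abs(a.typing_cpm - b.typing_cpm) / b.typing_cpm, 1.0) * 0.3
    if a.hand != b.hand:
        score += 0.2
    return round(score, 3)

def decide(a: Attempt, threshold: float = 0.4) -> tuple:
    """Return (allowed, reason). Anything that is not an explicit allow denies."""
    b = BASELINES.get(a.user)
    if b is None or not a.password_ok:
        return (False, "unauthenticated")
    if a.segment not in b.segments:
        return (False, "segment not permitted")
    score = risk_score(a, b)
    if score >= threshold:
        return (False, f"anomalous behaviour (score {score})")
    return (True, f"allowed (score {score})")
```

A correct password alone is not enough here: the same credentials presented from an unseen device score 0.5 and are refused, and a fully trusted session still cannot reach a segment outside the user's set.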