2022-05-19, 17:15–17:45, Ville-Marie
BeyondCorp is Google’s initial implementation of a zero trust architecture, which grants application access based on the user, device, and application. Despite all the excitement about zero trust architecture, there’s little concrete guidance (and a lot of vendor noise) on how to successfully implement one. In this talk, Maya and Eric will provide insight into BeyondCorp fundamentals, common misconceptions, and a roadmap for your organization to get to a zero trust architecture.
The Zero Trust mandate is nigh and with it, debates of industry readiness, product pitches, and the question as old as time: what is a BeyondCorp? Is it time to re-architect our infrastructure from the ground up or start buying the latest security tools?
BeyondCorp is Google’s initial implementation of a zero trust architecture, and is still the guiding star for many organizations. In a zero trust architecture, every request to access an application is a policy decision, based on the user, device, and application. The BeyondCorp whitepapers explain what Google built, and some of the organizational challenges, but don’t lay out a step by step guide to getting there, or how you know you’re on the right track.
In this talk, Maya and Eric will fill in the gaps. They will provide insight into BeyondCorp fundamentals, including requirements for user identities, controls and measurements for devices across platforms, and how to construct access policies. Then, they’ll get into common misconceptions and what you might need to tackle as you continue your journey. You’ll come away with a roadmap for your organization to get to a mature zero trust architecture, and what the industry can do better to support zero trust principles.
Maya is a Product Manager at Tailscale, providing secure networking for the long tail. She was previously at GitHub in software supply chain security, and before that at Google working on container security and encryption key management. Prior to Google, Maya worked at McKinsey, and studied mathematics at McGill University.
Eric is an Engineer on Google’s Enterprise Infrastructure Protection team, where he builds systems to scale internal security processes. He’s previously worked on Linux fleet security at Google, upstream Kubernetes, and Cloud authentication systems.