What is Zero Trust Identity security?

What is Zero Trust Identity Security?

GCP Comics #5 Identity and Zero Trust Model

Priyanka Vergadia
Dec 10, 2020 · 3 min read

Autors: Priyanka Vergadia & Max Salonstall

A zero trust network is one in which no person, device, or network enjoys inherent trust. All trust, which allows access to information, must be earned, and the first step of that is demonstrating valid identity. A system needs to know who you are, confidently, before it can determine what you should have access to. Add to that the understanding of what you can access — authorization — and you’ve got the core foundation of zero trust security.

At Google we rely on a zero trust system known as BeyondCorp, to move beyond the idea of a privileged corporate network.

In this issue of GCP Comics we discuss ways of acquiring trust, as our friend attempts to visit some distant relatives.

Why set up a zero trust model?

Here are a few compelling reasons for setting up a zero trust system:

  • Preserve the productivity of your employees working from home, from the office, from a coffee shop, or from anywhere else
  • Deploy quickly, faster than a traditional VPN system, for rapid onboarding
  • Spin up new device access quickly in case of unexpected latté-applied-to-laptop and similar incidents
  • Give each web application its own access control, for precise security and lower risk
  • Decide access based on identity, device health, location, time of day, or other factors

Google zero trust tools can protect your workloads on any public cloud, or on-premises, so you don’t need to move your applications to improve their security

What are the benefits of zero trust?

Lower friction

Zero trust systems can be invisible to the employees at your company. They sign in, they use a strong second factor, and they are ready to go.

Portability

The authentication and authorization aren’t tied to your location. Previous methods of access control relied on trusted networks, giving privileged access to anyone inside the established corporate network. With a zero trust model it’s easy to work from home and access all the same systems and tools.

Safety

Switching to a zero trust system has helped Google, and many other enterprises, reduce their exposure and minimize security incidents, proactively stopping phishing-based attacks and lateral movement after a compromise.

Resources

Want more GCP Comics? Visit gcpcomics.com & follow us on medium pvergadia & max-saltonstall, and on Twitter at @pvergadia and @maxsaltonstall and to not miss the next issue!

Google Cloud - Community

Google Cloud community articles and blogs

Google Cloud - Community

A collection of technical articles and blogs published or curated by Google Cloud Developer Advocates. The views expressed are those of the authors and don't necessarily reflect those of Google.

Priyanka Vergadia

Written by

Developer Advocate @Google, Artist & Traveler! Twitter @pvergadia

Google Cloud - Community

A collection of technical articles and blogs published or curated by Google Cloud Developer Advocates. The views expressed are those of the authors and don't necessarily reflect those of Google.