The term Cloud Native usually refers to application-centric tools and patterns, so what does it mean to be a Cloud Native organization? It begins with the awareness that being a software company goes beyond simply making technology choices; it’s about creating a culture of innovation across the entire company that fully supports the release of software at a rapid pace through tight-knit collaboration and well-oiled processes. This represents the new face of IT, driving the business forward by tackling the ever-changing demands of the customer head on.
Along the way, something else has happened within the Cloud Native organization, partially as a by-product of the people, processes, and technologies themselves: the distribution and automation of teams and systems. What was once a well-defined perimeter with office walls and segmented networks is now the global Internet. Employees who once had a registered computer locked to the desk now work from their personal laptops, tablets and phones. The applications that once had a known compute footprint within the datacenter now live in the cloud. While the benefits of productivity and speed to market are apparent, this presents an entirely new workforce and infrastructure environment for IT to manage, which in turn has a profound impact on security.
In dealing with this new environment, the most common approach within IT has been to set up a VPN allowing employees to enter the trusted network from any location. Another approach might be to dynamically change the networks themselves through a software-defined perimeter. No matter how fine-grained these security measures are, the fundamental problem with these practices is that they still rely on segmentation as the core gatekeeper, where trust is blindly granted once on the inside. This is no longer effective, as so many of the breaches that make the news come from insiders: either malicious attacks or simple negligence, with static credentials being stolen or misused.
These new distributed teams and automated systems break down the physical and virtual walls that once made the distinction between inside and outside. With that in mind, it’s time to look at the perimeter as legacy thinking, and form a new security architecture that maps to the culture and environment of a true Cloud Native organization.
The Google Approach

What better way to look at this than through the eyes of the company that truly defines web scale? Google recognized a few years back that with its large and distributed workforce, they could no longer rely on the perimeter as the primary mechanism for securing their highly sensitive resources. They have also always been keen on spurring a culture of innovation within the company, and wanted to take a fresh look at how best to design their own security architecture and practices.
The result of this internal initiative is BeyondCorp, a zero-trust architecture that shifts access controls from the perimeter to individual users and devices. Decisions are made in real time based on a set of dynamic criteria, such as the user’s group membership or whether the device’s disk is encrypted. This could mean that a laptop that was valid yesterday may not be valid today if a security patch isn’t installed. With BeyondCorp, both the user and device must be authenticated and authorized with a point-in-time attestation to be granted privileged access to a specific resource. Verify, then trust… every time.
The key to breaking down the perimeter in this manner is to push all protected resources to the public Internet. We can’t trust the public Internet, which is precisely why it’s the right way to deploy all of our applications and services. That may sound counterintuitive, but through this model we quickly find ourselves with better habits for communicating over secure channels, encrypting data, monitoring all endpoints, implementing multi-factor authentication, keeping a device inventory, and using short-lived credentials. No longer do we simply say, “it’s in the network”; that’s the security equivalent of a developer saying, “it works on my computer”.
Cloud Native Security

Many Cloud Native organizations that have gone through some form of digital transformation in recent years have learned how to be more aligned internally towards the common goal of continuous innovation. Can a security framework such as BeyondCorp really drive the business forward? By examining how our people and machines get things done in this new culture, we can see that it very clearly does.
With DevOps best practices, our teams are more collaborative, our systems more automated, and our applications more flexible. We’ve done a great job as an ecosystem of clearing out any roadblocks throughout the entire software development lifecycle; however, we’re placing a lot of trust in our people, processes, and technology. This means it’s even more important to implement a zero-trust architecture such as BeyondCorp, where the organization can control who has access to what, and gain visibility into who accessed what and from where: the location and the connecting device.
If we boil down BeyondCorp to its essence, it’s a modern take on the well-established AAA framework (Authentication, Authorization, and Accounting) that factors in distributed teams, connected devices, and automated systems. What makes BeyondCorp really stand on its own is how decisions are made in real time, determined via a central RBAC policy engine controlled by the organization. A system referred to as the Trust Inferer continually analyzes the users, connecting devices, and policies to assign different levels of access at the time of the request.
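The two passages above describe the shape of a BeyondCorp-style decision: a central RBAC policy, a device trust tier inferred from current posture (inventory membership, disk encryption, patch age, freshness of the last attestation), an MFA-verified user, and an accounting record for every request. The following is an added illustration written for this page, not Google's Trust Inferer or any ScaleFT code; the tier names, attribute names, policy table, sample users, devices and the source IP are all constructed for the example.

```python
"""Toy zero-trust access decision in the spirit of BeyondCorp.

Everything here (tier names, policy, users, devices, IPs) is a constructed
example; it is not Google's or ScaleFT's actual schema or code.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass
class User:
    username: str
    groups: set
    mfa_verified: bool          # second factor presented on this request


@dataclass
class Device:
    device_id: str
    in_inventory: bool          # known, managed device
    disk_encrypted: bool
    os_patch_age_days: int      # days since the last security patch
    last_attested: datetime     # when posture was last reported


# Device trust tiers, least to most trusted (assumed names).
TIERS = ["untrusted", "basic", "trusted", "high"]

# Central RBAC policy: resource -> (required group, minimum device tier).
POLICY = {
    "wiki": ("employees", "basic"),
    "source-repo": ("engineering", "trusted"),
    "prod-ssh": ("sre", "high"),
}

# An attestation older than this is treated as no attestation at all.
MAX_ATTESTATION_AGE = timedelta(hours=1)

# Constructed clock values used by the demo below.
NOW = datetime(2017, 1, 10, 12, 0, tzinfo=timezone.utc)
FRESH = NOW - timedelta(minutes=5)
STALE = NOW - timedelta(hours=2)


def infer_device_tier(device, now):
    """Assign a trust tier from the device's posture at request time."""
    if not device.in_inventory:
        return "untrusted"
    if now - device.last_attested > MAX_ATTESTATION_AGE:
        return "untrusted"          # stale attestation: re-verify first
    if not device.disk_encrypted:
        return "basic"
    if device.os_patch_age_days > 30:
        return "basic"
    if device.os_patch_age_days > 7:
        return "trusted"
    return "high"


def authorize(user, device, resource, now):
    """Return (allowed, reason); nothing is cached between requests."""
    if resource not in POLICY:
        return False, "unknown resource"
    required_group, min_tier = POLICY[resource]
    if not user.mfa_verified:
        return False, "multi-factor authentication required"
    if required_group not in user.groups:
        return False, f"user not in group {required_group}"
    tier = infer_device_tier(device, now)
    if TIERS.index(tier) < TIERS.index(min_tier):
        return False, f"device tier {tier} below required {min_tier}"
    return True, f"allowed at device tier {tier}"


def decide(user, device, resource, source_ip, now, audit_log):
    """Authorize and append an accounting record (the third A of AAA)."""
    allowed, reason = authorize(user, device, resource, now)
    audit_log.append({
        "time": now.isoformat(),
        "user": user.username,
        "device": device.device_id,
        "source_ip": source_ip,
        "resource": resource,
        "allowed": allowed,
        "reason": reason,
    })
    return allowed


if __name__ == "__main__":
    alice = User("alice", {"employees", "engineering"}, mfa_verified=True)
    laptop = Device("lt-0042", True, True, 3, FRESH)
    log = []
    for resource in POLICY:
        decide(alice, laptop, resource, "203.0.113.7", NOW, log)
    for record in log:
        print(record)
```

The point of the design is that the same user on the same laptop gets a different answer tomorrow if the patch age crosses a threshold or the attestation goes stale, and every answer, allowed or denied, lands in the audit log with user, device and source address, which is the visibility the text asks for.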
Looking at BeyondCorp through the eyes of Google may appear daunting to the casual observer or even a Fortune 500 Enterprise, but as with any transformative shift, it’s best to take things in stride and focus on the end goals. Cloud architects are generally tasked with deliverability, while security architects are generally tasked with reliability. It’s the usability of a framework such as BeyondCorp that keeps these two goals from running up against each other, contributing to the business goal of delivering continuous innovation to the customer. That’s the Cloud Native way.
ScaleFT is the BeyondCorp company, and we’ve made it our mission to bring Google Security for Everyone Else through our software and services. Take a tour of ScaleFT Dynamic Access Management to see what a difference short-lived client certificates make for real-time authorization. You can also follow along with the community by subscribing to the BeyondCorp weekly newsletter, joining the BeyondCorp Slack channel, or attending BeyondCorpSF Meetup events.