BeyondCorp Weekly 28
Ivan Dwyer - July 25, 2017
I’ve kept this newsletter relatively vendor neutral so as not to interfere with the broader message, but last week was a big one for us at ScaleFT, so I wanted to take a quick moment to point out what we’ve been working on as it relates to BeyondCorp. It’s been our goal to help companies achieve a BeyondCorp-inspired architecture of their own, and the release of our Access Fabric is an important step in that direction. Our CTO, Paul Querna, wrote a blog post explaining what an Access Fabric is: How we built an Access Fabric to eliminate VPNs.
A key characteristic of BeyondCorp is that every request to a protected resource be fully authenticated, authorized, and encrypted – without getting in the way of the end user experience. To do so requires a system that can perform lightning fast decision making with the necessary PKI backing the workflows. We’ve introduced our Access Fabric as a globally distributed, real-time authentication, authorization, and encryption broker to do just that – essentially the data plane users interact with to gain access to company protected company resources.
The release of our Access Fabric is a key piece to our BeyondCorp story, providing the backbone for a company’s own Zero Trust architecture. To learn more and join our pre-release program, visit www.scaleft.com/access-fabric.
Here are a few additional things that caught my eye this past week.
The secret to Google’s rock-solid security is now commercially available [TechRepublic]
Last promotional piece, I promise. Here Matt Asay interviews the partners of Fuel Capital about their investment in ScaleFT. Their take - numerous industry categories have emerged from projects birthed at giant companies. Hadoop came from the MapReduce paper. Kubernetes came from their Borg system. BeyondCorp has the potential to do the same for the security industry.
The strange geography of content delivery networks [Increment Cloud]
I really enjoyed this piece about the characteristics and motivation behind building a CDN. Cost, time, and even politics factor in where to spin up PoP’s, and the major players all have different reasoning behind their decisions. As mentioned, real-time authorization within a Zero Trust environment requires a globally distributed system with similar behaviors as a CDN.
TLS 1.3 in enterprise networks [UIC]
There’s an interesting debate with regards to the design of TLS 1.3. A goal of the working group is to ensure perfect forward secrecy across the board. There are apparently those within the working group representing the enterprise, however, who do not wish to lose the ability to decrypt the traffic within their own network. This speaks to the current mindset and priorities of the enterprise with regards to their private networks.
DevOps & Security: Butting Heads for Years but Integration is Happening [DarkReading]
I often make a side-by-side comparison between DevOps and Zero Trust, based on how the concepts spread throughout the people, process, and technology across the entire organization. Here, Zeus Kerravala, points out how security and DevOps have traditionally butted heads, but the tone is starting to shift. It comes down to culture, and mutual agreement with the desired outcomes.
Rethink Your Access Strategy, Think BeyondCorp [F5 Blog]
It’s great to see well established companies pick up the BeyondCorp theme because it’s further validation that it’s way more than just a passing fad. This time coming from F5, where Security Solutions Marketing Manager, Lee Slaughter, covers what this means for access management. I hope to see more from the F5 folks!
Upcoming Events
It’s Black Hat time! The ScaleFT team will be on hand at the conference this week, ready to demo the latest and greatest from our Zero Trust Platform. Come by the booth on Wednesday or Thursday, or shoot me a note to schedule a time to meet. Hope to see you there!
That does it for this week. Check back this time next week for another set of relevant news, articles, and events. Cheers,
Ivan at ScaleFT
Ivan Dwyer
Ivan Dwyer is the VP of Product Marketing at ScaleFT, working with the community to raise awareness around BeyondCorp and Zero Trust for organizations of all kinds looking to modernize their security architecture.
