Skip navigation

Moving Beyond the Perimeter: Part 2

In part 1 of our white paper series, Duo’s Principal Security Strategist Wendy Nather explained the theory behind Google’s BeyondCorp security model - a new approach to enterprise security that mitigates the risks resulting from placing too much trust in the internal network.

In part 2, Moving Beyond the Perimeter: How to Implement the BeyondCorp Security Model, Wendy describes how you can build a new enterprise security model within your organization.

Moving Beyond the Perimeter: Part 2

This new architecture focuses on securing what’s beyond the perimeter, including external applications, mobile endpoints and users.

At a high level, BeyondCorp combines validated users and validated endpoint devices with end-to-end encryption between the devices and resources they access. Plus, the model only allows users to access what’s necessary to do their jobs, a practice known as “least privilege.”

Learn more about BeyondCorp from Duo’s co-founders, CEO Dug Song and CTO Jon Oberheide:

 


Steps Toward New Enterprise Security

To implement this new framework, organizations should consider:

  • Enrolling users and endpoints into inventories
  • Identifying endpoints as “trusted” with digital certificates
  • Enforcing access policies based on validated users and endpoints

Wendy describes each step in more detail, what you will need to complete them, practical caveats, and questions to ask along the way.

The Maturity Process With BeyondCorp

Building a new security model takes time. Duo’s white paper outlines the different stages of implementation and who can reach each stage:

  • Early Maturity - Building the Inventories
  • Mid-Stage Maturity - Core Deployment
  • Peak Maturity - All the Users, Devices and the Apps

“BeyondCorp is not a silver bullet that will take care of all risks; it’s a way of increasing the security level of what used to be viewed as a “safe” environment.”

Making New Enterprise Security Easy to Attain

To make it easier for organizations to implement this new security model, Duo has packaged many of the components into a platform called Duo Beyond.

Our simplified security model includes:

Moving Beyond the Perimeter: Part 2 Cover

Download Moving Beyond the Perimeter White Papers

Download part 1 - Moving Beyond the Perimeter: The Theory Behind Google’s BeyondCorp Security Model to get more detail on the theory behind BeyondCorp, the different components required, and an overview of the security architecture.

Download part 2 - Moving Beyond the Perimeter: How to Implement the BeyondCorp Security Model to find out how to implement the model, including how to inventory users and endpoints, deploy digital certificates, and create effective access policies.

Download Now

Thu Pham

Information Security Journalist

@Thu_Duo

Thu Pham covers current events in the tech industry with a focus on information security. Prior to joining Duo, Thu covered security and compliance for the infrastructure as a service (IaaS) industry at Online Tech. Based in Ann Arbor, Michigan, she earned her BS in Journalism from Central Michigan University.