Google Cloud

Securing your remote work  

Working remotely is here to stay: almost three-quarters of CFOs and finance leaders worldwide intend to keep a portion of their workforce working remotely permanently post-COVID19, according to Gartner. However, working from home entails security risks.

In March 2020, there was a 350 percent increase in active phishing websites compared to January of the same year. To prevent phishing attacks on home networks, it is crucial that remote access to an organization’s data be secure. This can be achieved by building on Google’s experience with zero trust networks. How? Read further.

Trojan horses
Unfortunately, ordinary work-from-home infrastructure can easily be prone to phishing attacks. Why? Because traditional security systems and Virtual Private Networks (VPNs) rely on the assumption that everything inside a network can be trusted. However, when extending the network perimeter to remote users, this may no longer be the case. Max Saltonstall, Google Cloud developer advocate, explains: “Mobile devices aren’t compatible with your VPN client, and attackers are sneaking into your network on previously trusted devices, hiding inside like a Trojan horse.” Furthermore, Software as a Service and webmail sites are the most frequent targets of phishing attacks, according to the latest Anti-Phishing Working Group report. Phishers steal credentials from such sites, enter the organization’s network, and attack. 

Zero trust
As a result, organizations must improve the security of remote access. Enter the zero trust model, a highly secure solution without the shortcomings of VPNs. Following the mantra of “never trust, always verify,” the zero trust model does automatically traffic originating from “inside” the network. Instead, it evaluates and tests each request before granting access. That evaluation is context-based: who is requesting access, for what reason, using which device, and is it safe? By eliminating the concept of automatic trust, the zero trust model is currently one of the most powerful ways to enhance overall security. 

Nearly a decade ago, we at Google were early adopters of the zero trust model, using it as the foundation for our internal remote working service, BeyondCorp. Now that organizations need safe remote access more than ever, we have made BeyondCorp Remote Access available to the world. With a rollout of just a few days, BeyondCorp allows employees to use internal web apps from virtually any device without using a VPN. 

GoCardless: safe & secure from office to home
For businesses offering memberships, subscriptions, or invoicing their customers regularly, collecting payments through traditional bank transfers is time-consuming and can result in late payments. As the world’s first network for recurring payment collection, GoCardless facilitates this process using authorized bank debit schemes. Globally, around 40,000 businesses collect payments easily through GoCardless’ world-class application programming interface (API) and integrations with well-known billing and subscription software. 

GoCardless complies with various security standards, including the GDPR, the EU-US Privacy Shield framework, ISO 27001, and the Revised Payments Services Directive. As a result, security for use both in-office and remotely is mission critical for GoCardless. The fact that Google Cloud Platform certifications align with their standards drove their choice of cloud provider. Now, whether working from home or at the office, GoCardless employees are optimally protected through BeyondCorp:

"Using the BeyondCorp principles as a model, we deploy the Cloud Identity Aware Proxy to enable our team members to easily access team pages without needing to use a VPN," Norberto Lopes, Senior Manager, Infrastructure and Systems Engineering at GoCardless, explains. "They are onboarded automatically via G Suite and are protected by two-step authentication. We also use Cloud Key Management Service for our cryptographic keys, which enables us to rotate keys automatically if we need to."

The migration to Google Cloud Platform greatly enhanced security for GoCardless, but it did even more. Google Cloud Platform reduced GoCardless’ operations workload and infrastructure costs by 25%, meaning they can continue innovating on security at unparalleled speed. 

If you would like to discover how your organization can secure remote access with Google Cloud’s zero trust network, please visit our website: https://cloud.google.com/solutions/beyondcorp-remote-access

Sources: