My guest this week is David Cross and it is my second discussion with him. I loved talking to David when he was on the Microsoft side of the fence. Two years later, he is on the Google side of the fence as a Cloud Security Engineering Director, and I decided to bring him back on for another fun conversation.
We discuss Google’s on-premises Solutions, Data Custodian Model (SAP), the story behind BeyondCorp, Google’s beta product, called Identity-Aware Proxy and much more. Our conversation is a deep dive into IT Security and highly technical… Regardless of your title within IT Security realm, you will benefit from this conversation.
Major Take-Aways From This Episode:
Google’s beta product – Identity-Aware Proxy (IAP) service (https://cloud.google.com/iap/),
BeyondCorp Model (https://research.google.com/pubs/pub44860.html) at Google and Anti-Phishing,
Importance of two-factor authentication; U2F Security Keys (https://www.yubico.com/products/yubikey-hardware/fido-u2f-security-key/), FIDO U2F Protocol (https://fidoalliance.org/specs/fido-uaf-v1.0-ps-20141208/fido-uaf-protocol-v1.0-ps-20141208.html), OAuth (https://oauth.net/)
YubiKeys (https://www.yubico.com/?pubref=idbg&utm_source=bing&utm_medium=cpc&utm_campaign=BRD%20-%20CW%20-%20US&utm_term=yubikey&utm_content=HTS%20-%20YUBIKEY) – security keys for two-factor authentication,
Gsuites (https://gsuite.google.com/) – Gmail, Docs, Drive and Calendar for business, everything in one package,
Building trust in cloud service provider (Google 9 layer stack)
Data Custodian Model at Google (https://www.blog.google/products/google-cloud/sap-google-data-custodian-partnership/)
access transparency,
identity and protection
Google Cloud Blog article about Google’s custom chip Titan (https://cloudplatform.googleblog.com/2017/08/Titan-in-depth-security-in-plaintext.html).
source