For this month we have a really great topic that our team has been doing a lot of research around and something I know numerous meetup members have talked about.
Most of us remember the hack that Google experienced back in 2010 when they had a significant amount of their IP stolen. At that time, their network and engineering teams looked at what happened and how they felt they could prevent it in the future. For the last 7 years they've been changing the way they manage user, device and their identities into a new model called BeyondCorp.
Google sees little distinction between board rooms and bars, cubicles and coffee shops; all are untrusted under this new perimeter-less security model called BeyondCorp. This new model verifies the trust of the user and the device before granting access to critical applications, every single time. How does a company that doesn't have the resources of Google achieve a similar security posture? What does BeyondCorp mean for the rest of us? During the meetup we'll plan to discuss this topic with Zoe Lindsey of Duo Security. Duo is known for making multi-factor authentication radically easy and deployable in an hour. Duo recently launched Duo Beyond, the first commercial implementation of Google's BeyondCorp security model. Duo worked with several customers such as Kayak and Tanium to design Beyond and make it accessible for everyone.