Back to resources

How to Leverage GCP and Google Workspace – Without Putting the Keys to the Kingdom in Danger

November 2021  /  5 min. read   /  
Britive Team

GCP Security

Google Workspace (formerly G Suite) has more than 2 billion active monthly users worldwide. The type of user ranges from individuals to international enterprises, and while Workspace delivers many benefits, the most important may be its collaboration toolkit, which helps companies increase efficiency and productivity across their organization.

The adoption of remote work environments, coupled with employees working from home due to the pandemic, significantly elevated the role Workspace plays in a company’s digital ecosystem. Now for many a necessary means of accomplishing day-to-day tasks, employees are sharing tremendous amounts of data, personal identification information (PII), and internal documents – all of which contributes to a massive attack surface that companies must proactively protect.

Workspace is part of Google Cloud Platform (GCP). GCP is a powerful suite of public cloud computing services that enables IT professionals and developers to work more flexibly and efficiently. But it is also vulnerable to insider abuse and cyberattacks – especially when it comes to users with privileged access.

Given the sophisticated nature of recent cyberattacks, which lead to revenue losses, reputational harm, and slowed productivity, it is critical for companies to understand where they are vulnerable.

Security policies surrounding GCP/Workspace should be developed and enforced; employees need security training, and SOCs must leverage modern cloud security platforms to ensure a breach does not occur.

In short, now more than ever, organizations need to emphasize the importance of cloud network security in GCP.

This blog post outlines how Britive helps companies improve GCP security posture through Zero Trust (ZT) by way of Least Privilege Access (LPA) and Just-In-Time (JIT) permissions. A ZT policy is achieved by enforcing LPA. LPA is supported through the granting and revoking of Just-In-Time (JIT) permissions.

[ ]

Let’s look at how these three crucial components help organizations capitalize on the speed and collaboration GCP offers – without sacrificing security.

1. Zero Trust for GCP

The idea of basing cybersecurity on a zero trust model is not a new concept, but it is an idea whose time has arrived in a big way. The concept came into focus as an approach where security is organized around the user, endpoints, digital identities, and access rights.

But the “zero” part of it is where you remove default elements of configurations that can lead to compromise: the shares, the accesses, the privileges, so you can keep as close as possible to zero access, or zero standing privileges. The most secure privilege is one that does not exist.

As cloud computing continues its rise, there is growing consensus that zero trust will be the future state for security infrastructure. Zero trust architecture has been defined in the NIST Special Publication 800-207, and the framework has already been widely adopted in the US by the Department of Defense, the banking sector, the healthcare sector and elsewhere.

Global expansion is well underway and accelerating in EMEA, APAC and beyond. We are also likely to see zero trust grow to become the standard security model moving forward because it is based on a strategy, not just more technology.

2. Least Privilege Access for GCP

User privileges tend to expand and change organically over time. This circumstance has long been recognized as a potential source of vulnerability in conventional privileged access solutions. In cloud environments like GCP, privilege drift becomes exponentially more difficult to manage and keep consistent, and is far more likely to result in over-privileged users.

Organizations should enforce LPA by automating privilege right-sizing. Dynamic privilege granting enables you to automatically monitor and adjust privileges to ensure users have only the privileges needed to do their jobs.

As such, security admins can quickly survey assigned privileges to identify “blind spots” such as over-privileged users and machine identities. With insight like this, it becomes possible—with security oversight—to remove privileges where they are not needed and right size privileged access overall.

3. Just-In-Time Permissions for GCP

Today’s multi-cloud privileged access management platforms that incorporate JIT secrets provisioning capabilities and zero standing privilege (ZSP) enforcement mechanisms empower cloud infrastructure, DevOps, IT, and security teams with dynamic and intelligent privileged access administration.

Access is temporary and strictly controlled. With JIT, elevated privileges are automatically revoked—all without admin involvement–and adds an essential layer of security to development processes without the overhead that can make certain security solutions unattractive to DevOps teams.

As cloud-native entities, these solutions can support highly effective secrets governance initiatives for SMBs and enterprise-level organizations alike.

Conclusion

In GCP, standing privileges for admins and app developers that remain vulnerable to exploitation 24/7 massively increases the blast radius of human and machine users. Limited visibility into who has which privileges and how they are used hamstrings security and auditing. And unused and overly-broad privileges can be targeted and exploited, putting the most important keys to your organization’s kingdom in danger.

Britive helps secure your GCP and Workspace environments so you can leverage the many capabilities available to you in the cloud, without impeding the speed and collaboration employees love – and depend on.

Related: Get On-Demand Webcast Access to "Insider Abuse & Cyber Attacks: Taking a Proactive Approach to Managing GCP Users"