Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Latest News
    • Mobile

    Google Shares Details of Its Enterprise Mobile Security Strategy

    By
    JAIKUMAR VIJAYAN
    -
    April 21, 2017
    Share
    Facebook
    Twitter
    Linkedin
      Agentless Device Management 2

      Google has released a white paper describing its approach to securing mobile device use for 61,000 employees worldwide.

      Google is sharing details about its mobile security strategy to provide guidance to other IT administrators on how to deploy mobile devices securely in modern environments, according to Google.

      The mobility best practices document describes what Google calls a tiered access model to mobile security. At its core is the idea that mobile security policies need to be a lot more flexible than just granting or blocking access to enterprise services based solely on the previously known attributes of a device and user role.

      “In contrast to traditional models, tiered access provides more granular control,” Google said in its whitepaper. “The level of access given to a single user or a single device may change over time based on device measurements allowing security to set access policy that considers deviations from intended device state.”

      Google’s mobile access model comprises of three tiers: a client base and data sources tier, an access control and gateway tier and a third tier comprised of the actual services to be accessed.

      The focus at the client base level is to capture as much information as possible on the mobile devices that Google employees use to access the company’s systems and services.  The sources that Google uses to capture device level data include asset management inventories, operating system agents, patch management systems and tools that are available within the device itself.

      All device attribute data is stored in a centralized repository that is checked each time a device tries to access a Google service. In addition to the attribute data, Google uses a combination of management tools to capture and store the current security state of a device that is attempting to access an internal application or service.

      Different groups within Google have the ability to set policies that establish baseline security requirements and capabilities that a mobile device must have to access services. Google employees have the flexibility to use a range of mobile devices and choose the security configurations they want.

      The level of access they get to a particular application or service and what they can do with that access will depend on the group to which the user belongs and how closely a device hews to the baseline security requirements for that service or application. Also factored in during this process is the current state of the device and how widely it deviates from acceptable standards.

      Different services and platforms within Google have different ‘trust tiers’. For example, a fully managed employee device will have higher-level access to particular services, including read and write access, compared to an unmanaged device. Decisions about access are made at the access intelligence and gateways layer.

      Google’s services layer itself is categorized into four tiers—an untrusted tier, basic access tier, privileged and highly privileged access. Google has established different and increasingly more stringent baseline device requirements for accessing each tier.

      Google’s mobility best practices document is similar to numerous others the company has released over the years.

      Google frequently has had to develop its own hardware, software and network approaches to meet the staggering infrastructure requirements of its myriad online services, especially search and video sharing.

      Periodically, the company has shared details of its more successful efforts publicly or released details into the open source community so others can apply them. Notable examples include the company’s work around data center technologies, cloud containers, power management and big data.  

      Some of the technologies that Google developed internally and released to open source, such as MapReduce, have gone on to become critical components of big data technologies.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×