With no end in sight to employees working remotely, new concerns have arisen regarding how to secure remote collaboration tools. This was a much easier task when everyone was in the office, but now with everyone working remote, can it still be as secure as it was?
When we discuss company-wide remote collaboration tools, several issues must be taken into consideration:
Google has addressed the above concerns by offering secure collaboration via Google Workspace (formerly G Suite). With Google Workspaces and Google Cloud Platform security, companies can leverage their current hardware infrastructure and add on Google’s BeyondCorp model. Using both Google Workspace and the BeyondCorp model, companies can enforce the security necessary to adhere to strict company and/or industry guidelines within a remote setting. One key feature of workspaces is called “context-aware”. Utilizing the Google Cloud Platform security settings of “context-aware”, administrators can define specific access level conditions that include geographical location, specific IP ranges, and various device policies, such as the requirement for device passwords, Operating System versions, device approvals, and encryption, as well as whether a device is user-owned or company-owned. Then, those specific access conditions can be assigned to Google Workspace application(s).
To take full advantage of Google Workspaces application access control within a BeyondCorp model, you may want to start by loading your company-owned devices. One approach might be to use your company’s existing asset database (or spreadsheets) as your source (export), then import those serial numbers into Google’s company-owned inventory. If your old database has an API, it might be as easy as writing a script to pull the data, parse the data, then use Google's device API to import the data. If the company is already taking advantage of the Google Cloud Platform (GCP), you might even go a step further and write a Cloud Function that automates the export/import. The function of Google Cloud Platform security could be as simple as using Cloud Pub/Sub to trigger the script that parses the data and imports it into the Google Company-owned device database. Depending on the API capability of the existing asset database, you might even be able to integrate exports within your Cloud Function versus Pub/Sub detecting and triggering when someone drops a .csv into your storage bucket. Using spreadsheets may not be the most refined approach, but the ability to be able to take incremental steps to get fully automated makes the solution flexible enough to accommodate many scenarios.
As you dive deeper into securing your access levels via Google Cloud Platform security, you may need to understand what the business currently has in place so that you can accommodate those security tools or minimize duplicate/conflicting tools. Google security settings can be managed via the Google Admin Console. In the console, you can set up “context-aware” by assigning access levels to the key applications that meet specific conditions.
Once all of your Google Cloud Platform security settings are in place, take a look at what else Google has to offer. For those teams that need that good ol’ whiteboard sessions, Google Jamboards and Google Drawings are a great substitute until we can return to our offices. Being able to collaborate in real-time and quickly spawn a Google Doc, Slides, or a whiteboard (jamboard) and have all team members begin editing in real-time can be very productive.
Google Workspaces has made it possible for companies to continue to collaborate and innovate in these unprecedented times. Remote employees continue to feel engaged and part of the team. While we cannot predict the future of remote work, we do know that Google has made the shift to all remote work seamless and engaging.
LucidPoint Sr. Cloud Engineer