Moving to the BeyondCorp model with Cloud IAP and IAP Connector

By SADA Engineering

As a Google Cloud Premier Partner, SADA helps customers get the most out of Google Cloud products by building and recommending solutions based on Google’s best practices and methodologies. Recently, we worked with a Google Cloud Professional Services Organization (PSO) customer who wanted to manage and secure access to a couple of their applications (running both on-premises and in AWS) using Google’s Identity Aware Proxy (IAP) product called Cloud IAP.

Cloud IAP is a building block towards BeyondCorp, Google’s implementation of a zero-trust security model designed to enable employees to work from untrusted networks without the use of a VPN.

Cloud IAP enables companies and application admins to control internet access to applications running in Google Cloud Platform (GCP) accessed through HTTPS. This is done by verifying user identity and the context of the request to determine if a user’s request should be allowed through. This provides an application-level access control model instead of relying on network-level firewalls. In other words, you can set granular access control policies for applications based on user identity (such as employees versus contractors), device security status, and IP address.

How do I overcome a lack of cloud skills in my organization?

Download the complimentary Gartner® research report

Solve not just for today but for what's next.

We'll help you harness the immense power of Google Cloud to solve your business challenge and transform the way you work.

Scroll to Top