An increasingly mobile workforce and the ubiquity of attacks on client platforms limit the effectiveness of the traditional corporate network perimeter-security model. Beyond Corp is a broad effort to re-architect the delivery of Google corporate computing services, removing privileges granted solely on the basis of network address. The Overcast architecture blueprint is key to this, presenting a model of machine identity, authentication, and inventory-aware authorization. We discuss the background of our work, our general approach, challenges encountered, and future directions.

Jan is a tech lead in the security operations team and has been designing and driving enterprise security initiatives within Google. His focus at the moment is machine identity and inventory. Prior to joining Google in 2010, he was senior security analyst at Compass Security AG, a leading Swiss security assessment company.

He has a bachelor’s degree in electrical engineering from the Zurich University of Applied Sciences and a master’s degree with honors in security and forensic computing from the Dublin City University.