Google has decided that it is best to have security by obscurity and has invested in shedloads of expensive Macs.
Google decided to ditch Windows after the 2009 state-sponsored Operation Aurora attacks. Google staff now can use Windows PCs only with a business case making the company the world’s biggest Apple shop with 43,000 devices.
Now it is seems it is deepening its plans to dump the corporate network model for something a little more zero trust.
According to SC Trust, engineers Jan Monsch and Harald Wagener said that it was important to get rid of the idea that there was some sort of network perimeter.
While you are guarding that perimeter, you find that firewalls and other gatekeeper tools that rely on a perimeter simply do not help.
The plan is that Google would authenticate and authorise users only after their devices have been verified as belonging to the Google inventory and as being in a secure state.
Google uses what it calls meta-inventory, which is connected to upstream inventory sources and provided an interface for authorisation each time users attempted to connect.
Most use an inventory which is just a data dump which no one looks at to see if the data is correct.
Google went through a cleaning to ensure accuracy and then issued certificates to authenticated users.
Apparently, the move caused a few headaches to systems management and latency as legacy systems such as synchronous network attached storage had to be swapped to asynchronous cloud models.
Once any hacker gets through the certificate structure it then has to speak mac, which makes it jolly difficult for malware and other stuff that is designed for the PC. Although why they did not use Chrome, which is even more obscure and network oriented, is anyone’s guess.