DREAMTECH NEWS

Google extends its BeyondCorp security model to G Suite

BeyondCorp is Google’s model for securing networks not just through VPNs and other endpoint security techniques, but through a model that focus on context-aware access policies that focus on the user’s identity, hardware and the context of the request. That has been Google’s internal security policy for a while now and over the last few months, it started brining it to its own customers, too, starting with its Cloud Identity-Aware Proxy, which is now generally available, and its VPC Service Controls.

Today, the company is extending these context-aware access capabilities to its Cloud Identity user and device management service, as well as G Suite, its productivity suite. So while earlier implementation centered around protecting a company’s technical cloud infrastructure, this release focuses on devices and cloud-based apps like Gmail, Drive, Docs, Sheets and Calendar.

In this context, some devices, for example, may be more highly trusted because they have been enrolled in the Cloud Identity service and because a number of security policies are in place for it. That’s a different kind of security posture than a system that simply trusts users because they come through a specific VPN.

Context-aware access for G Suite apps is now in beta, but only for customers who subscribe to Cloud Identity Premium, G Suite Enterprise and G Suite Enterprise for Education.

With today’s release, Google also announced the BeyondCorp Alliance, which brings together a number of security and management partners. These include Check Point, Lookout, Palo Alto Networks, Symantec and VMware. According to Google, these companies are all working to bring device posture data to Google’s context-aware access engine.


By Frederic Lardinois

Atlassian gives Confluence a makeover, acquires Good Software

Atlassian today announced a new version of Confluence, its collaboration platform. While the company has recently focused more on tools like Jira, Bitbucket and Trello, Confluence has continued to gain traction as a content collaboration tool for technical and non-technical teams. Indeed, even though it’s been quiet around it, it’s the second-most revenue generating product for Atlassian right now. With this release, Atlassian is once again putting the spotlight on Confluence.

To do this, Atlassian also today announced that it has acquired Good Software, a company that makes analytics tools for Confluence users and admins.

In total, Atlassian is announcing 15 new featueres for the product. Unsurprisingly, given the acquisition of Good Software, one of these new features is extended analytics. With this, Confluence users will be able to see how others in their company engage with their content. The idea here, Atlassian says, is to help everybody write better content and not just see who writes the most popular copy (though that’s surely how this will also be used). There are some other uses here, too, though. An HR manager may notice that a page with outdated information is still getting hits, for example.

Over time, Atlassian will integrate these features more deeply into the rest of Confluence.

Another major new feature is the introduction of an updated editor. The core features of this new editor are actually shared across most Atlassian products now, but as Pratima Arora, the company’s Head of Confluence, told me, that editor is then tweaked for the individual products. For Confluence, this means support for the ever-important feature of adding emojis to your pages, but at the core of that is the new slash (/) command that, similar to Slack, lets you add tables, images and macros to your pages. Other new features include the ability to easily create better looking tables of content, action items, roadmaps and due dates to pages, as well as smartlinks that automatically preview content for services like Google Drive, Dropbox, Trello, GitHub and others. All of this is meant to make organizing content just a little bit easier.

Also new are a set of new templates and a new media experience.

“Once a niche wiki and documentation tool for developers, Confluence has become a universal content collaboration tool that’s easily used by any team, technical or non-technical,” Arora writes in today’s announcement. “In fact, one in four Confluence Cloud customers use it throughout their entire company, according to recent customer data.”


By Frederic Lardinois

Google Cloud unveils new identity tools based on zero trust framework

Google Cloud announced some new identity tools today at Google Cloud Next designed to simplify identity Access Management within the context of the BeyondCorp Zero Trust security model.

Zero Trust, as the name implies, means you have to assume you can’t trust anyone using your network. In the days before the cloud, you could set up a firewall and with some reasonable degree of certainty assume people inside had permission to be there. The cloud changed that, and Zero Trust was born to help provide a more modern security posture that took that into account.

The company wants to make it easier for developers to build identity into applications without a lot of heavy lifting. It sees identity as more than a way to access applications, but as an integral part of the security layer, especially in the context of the BeyondCorp approach. If you know who the person is, and can understand the context of how they are interacting with you, that can give strong clues as to whether the person is who they actually say they are.

This is about more than protecting your applications, it’s about making sure that your entire system from your virtual machine to your APIs are all similarly protected. “Over the past few months, we added context-aware access capabilities in Beta to C​loud Identity-Aware Proxy ​(IAP) and V​PC Service Controls ​to help protect web apps, VMs and Google Cloud Platform (GCP) APIs. Today, we are making these capabilities generally available in Cloud IAP, as well as extending them in Beta to C​loud Identity​ to help you protect access to G Suite apps,” the company wrote in an introductory blog post.

Diagram: Google

This Context Aware Access layer protects all of these areas across the cloud. “Context-aware access allows you to define and enforce granular access to apps and infrastructure based on a user’s identity and the context of their request. This can help increase your organization’s security posture while giving users an easy way to more securely access apps or infrastructure resources, from virtually any device, anywhere,” the company wrote.

The G Suite protection is in Beta, but the rest is generally available starting today.


By Ron Miller

Hangouts Chat is coming to Gmail for G Suite users

The least said about Google’s messaging strategy, the better. But for better or worse, Hangouts Chat and Meet for G Suite, Google’s work-focused text and video chat tools are here to stay given that the one area where Google’s messaging strategy is clear is in the enterprise. With the end of the old Hangouts experience drawing nearer, the company today announced that it is now essentially replacing classic Hangouts with its business-focused Hangouts Chat tool in Gmail.

That’s a pretty sensible move and doesn’t come as a major surprise, but this marks the first time that Google has clearly laid out its strategy for how it will replace Hangouts in Gmail for its business users.

The experience, as far as we can tell, will be very similar to the current Hangouts one. Unsurprisingly, Hangouts Meet in Gmail will not just feature people, but also rooms and bots, two of the key differentiators between the old and new Hangouts. One difference worth mentioning, though, is that rooms will open into a full-screen experience with threads, which will make for a slightly different experience compared to what you’re probably used to from the classic Hangouts.

For now, this new feature isn’t quite ready to launch yet, though. Google is asking businesses that want to participate in the beta to register their interest here.


By Frederic Lardinois

What’s left of Google+ is now called Currents

Google+ for consumers is officially dead, but it’s still alive for enterprise users. Only a few days after completely shutting down the public version of Google+, Google today announced that it is giving the enterprise version a new name. It’s now called Currents.

If that name sounds familiar, it’s because Google once offered another service called Currents, a social magazine app with Google+ integrations that was later replaced by Google Play Newsstand. That history clearly bodes well for the new Currents.

Like before, Google+/Currents is meant to give employees a place to share knowledge and provide them with a place for internal discussions.

Google is probably doing the right thing by completely eliminating the Google+ moniker. The fact that there was still a version of Google+ for the enterprise created a bit of confusion when it announced the shutdown of the consumer version. Maybe this move will also allow the remaining developers on the project to leave the failed legacy of Google+ behind and try something new. Since the only focus is now on business users, that should be fairly easy, even though the code base surely still reflect a time when Google’s leadership thought that social search was the future.


By Frederic Lardinois

Salesforce and Google want to build a smarter customer service experience

Anyone who has dealt with bad customer service has felt frustration with the lack of basic understanding of who you are as a customer and what you need. Google and Salesforce feel your pain, and today the two companies expanded their partnership to try and create a smarter customer service experience.

The goal is to combine Salesforce’s customer knowledge with Google’s customer service-related AI products and build on the strengths of the combined solution to produce a better customer service experience, whether that’s with an agent or a chatbot..

Bill Patterson, executive vice president for Salesforce Service Cloud, gets that bad customer service is a source of vexation for many consumers, but his goal is to change that. Patterson points out that Google and Salesforce have been working together since 2017, but mostly on sales- and marketing-related projects. Today’s announcement marks the first time they are working on a customer service solution together.

For starters, the partnership is looking at the human customer service agent experience.”The combination of Google Contact Center AI, which highlights the language and the stream of intelligence that comes through that interaction, combined with the customer data and the business process information that that Salesforce has, really makes that an incredibly enriching experience for agents,” Patterson explained.

The Google software will understand voice and intent, and have access to a set of external information like weather or news events that might be having an impact on the customers, while Salesforce looks at the hard data it stores about the customer such as who they are, their buying history and previous interactions.

The companies believe that by bringing these two types of data together, they can surface relevant information in real time to help the agent give the best answer. It may be the best article or it could be just suggesting that a shipment might be late because of bad weather in the area.

Customer service agent screen showing information surfaced by intelligent layers in Google and Salesforce

The second part of the announcement involves improving the chatbot experience. We’ve all dealt with rigid chatbots, who can’t understand your request. Sure, it can sometimes channel your call to the right person, but if you have any question outside the most basic ones, it tends to get stuck, while you scream “Operator! I said OPERATOR!” (Or at least I do.)

Google and Salesforce are hoping to change that by bringing together Einstein, Salesforce’s artificial intelligence layer and Google Natural Language Understanding (NLU) in its Google Dialogflow product to better understand the request, monitor the sentiment and direct you to a human operator before you get frustrated.

Patterson’s department, which is on a $3.8 billion run rate, is poised to become the largest revenue producer in the Salesforce family by the end of the year. The company itself is on a run rate over $14 billion.

“So many organizations just struggle with primitives of great customer service and experience. We have a lot of passion for making everyday interaction better with agents,” he said. Maybe this partnership will bring some much needed improvement.


By Ron Miller

Google launches its coldest storage service yet

At its Cloud Next conference, Google today launched a new archival cold storage service. This new service, which doesn’t seem to have a fancy name, will complement the company’s existing Nearline and Coldline services for storing vast amounts of infrequently used data at an affordable low cost.

The new archive class takes this one step further, though. It’s cheap, with prices starting at $0.0012 per gigabyte and month. That’s $1.23 per terabyte and month.

The new service will become available later this year.

What makes Google cold storage different from the likes of AWS S3 Glacier, for example, is that the data is immediately available, without millisecond latency. Glacier and similar service typically make you wait a significant amount of time before the data can be used. Indeed, in a thinly veiled swipe at AWS, Google directors of product management Dominic Preuss and Dave Nettleton note that “unlike tape and other glacially slow equivalents, we have taken an approach that eliminates the need for a separate retrieval process and provides immediate, low-latency access to your content.”

To put that into context, a gigabyte stored in AWS Glacier will set you back $0.004 per month. AWS, however, has also pre-announced a Deep Archive storage class, too, though the pricing for that service hasn’t been announced yet and the promised retrival time here is “within 12 hours.”

Gogole’s new object storage service uses the same APIs as Google’s other storage classes and Google promises that the data is always redundantly stored across availability zones, with eleven 9’s of annual durability.

In a press conference ahead of today’s official announcement, Preuss noted that this service mostly a replacement for on-premise tape backups, but now that many enterprises try to keep as much data as they can to then later train their machine learning models, for example, the amounts of fresh data that needs to be stored for the long term continues to increase rapidly, too.

With low latency and the promise of high availability, there obviously has to be a drawback here, otherwise Google wouldn’t (and couldn’t) offer this service at this price. “Just like when you’re going from our standard [storage] class to Nearline or Coldline, there’s a committed amount of time that you have to remain in that class,” Preuss explained. “So basically, to get a lower price you are committing to keep the data in the Google Cloud Storage bucket for a period of time.”


By Frederic Lardinois

Google launches new security tools for G Suite users

Google today launched a number of security updates to G Suite, its online productivity and collaboration platform. The focus of these updates is on protecting a company’s data inside G Suite, both through controlling who can access it and through providing new tools for prevening phishing and malware attacks.

To do this, Google is announcing the beta launch of its advanced phishing and malware protection, for example. This is meant to help admins protect users from malicious attachment and inbound email spoofing, among other things.

The most interesting feature here, though, is the new security sandbox, another beta feature for G Suite enterprise users. The sandbox allows admins to add an extra layer of protection on top of the standard attachment scans for known viruses and malware. Those existing tools can’t fully protect you against zero-day ransomware or sophisticated malware, though. So instead of just letting you open the attachment, this tool executes the attachment in a sandbox environment to check if there are any security issues.

With today’s launch, Google is announcing the beta launch of its new security and alert center for admins. These tools are meant to create a single services that features best practice recommendations, but also a unified notifications center and tools to triage and take actions against threats, all with focus on collaboration among admins. Also new is a security investigation tool that mostly focuses on allowing admins to create automated workflows for sending notifications or assigning ownership to security investigations.


By Frederic Lardinois

Google Cloud announces Traffic Director, a networking management tool for service mesh

With each new set of technologies comes a new set of terms. In the containerized world, applications are broken down into discrete pieces or micro services. As these services proliferate, it creates a service mesh, a network of services and the interactions that take place as they interact. For each new technology like this, it requires a management layer, especially for the network administrators to understand and control the new concept, in this case, the service mesh.

Today at Google Cloud Next, the company announced the Beta of Traffic Director for open service mesh, specifically to help network managers understand what’s happening in their service mesh.

“To accelerate adoption and reduce the toil of managing service mesh, we’re excited to introduce Traffic Director, our new GCP-managed, enterprise-ready configuration and traffic control plane for service mesh that enables global resiliency, intelligent load balancing, and advanced traffic control capabilities like canary deployments,” Brad Calder, VP of engineering for technical infrastructure at Google Cloud, wrote in a blog post introducing the tool.

Traffic Director provides a way for operations to deploy a service mesh on their networks and have more control over how it works and interacts with the rest of the system. The tool works with Virtual Machines, Compute Engine on GCP, or in a containerized approach, GKE on GCP.

The product is just launching into Beta today, but the road map includes additional security features and support for hybrid environments, and eventually integration with Anthos, the hybrid management tool the company introduced yesterday at Google Cloud Next.


By Ron Miller

Google Cloud’s new CEO on gaining customers, startups, supporting open source and more

After Thomas Kurian, Google Cloud’s recently minted CEO, joined the company, he took hundreds of meetings to learn what the company’s prospective and current customers were looking for. The overarching theme of those conversations was always similar, he told me during an interview at Google’s Cloud Next conference: “Love the technology — amazed at it. [They] think that it’s the best of the best. But they want more people that can help them adopt it and improvements to how they do business with us.”

So that’s the first order of business at Google Cloud now. Kurian, who came to Google Cloud after 22 years at Oracle, said that the team is rolling out new contracts and plans to simplify pricing. Most importantly, though, Google will go on a hiring spree. “A number of customers told us ‘we just need more people from you to help us.’ So that’s what we’ll do,” Kurian said.

I asked Kurian whether he believes that his predecessors made a mistake by not doing all of this already. Always the diplomat, Kurian denied that (of course). “No, I think it’s just the natural evolution of every company. Growing up, understanding their business, seeing an opportunity,” he said. “When I look at it, isn’t it a great position to be in? When you have customers saying ‘please hire more people to help me’ rather than ‘please go away from me?’ ”

Enterprises want Google to figure out the enterprise, Kurian argues, because they want to use the company’s technology. “And so we’re trying to do that.”

No matter what he thinks about Diane Greene’s tenure at Google Cloud, though, Kurian undoubtedly has the opportunity to reshape the organization now. When I asked him about how his own philosophy is different from his predecessor, though, he argued that it’s all about listening to customers and giving them what they want. And what they want is more help, but also better collaboration tools, for example, as well as more industry-specific solutions.

Later on, though, he also noted that what Google Cloud will do going forward is to play to its strengths. “I think you will see us emphasizing our differentiators and strengthening the multi-cloud infrastructure,” he said, and highlighted today’s launch of Anthos as an example of what the company can do — and as a product that was developed in response to customer requests. “We’ve taken the area of security. We’ve taken the area of analytics. We’ve taken the area of AI — and we’ve invested a lot more in solutions there. And the reason is, that’s what customers want from us,” he added

It’s no secret that Google is definitely focusing on bringing more enterprises onto its platform. That’s not to say that Google Cloud doesn’t care about startups, though. “When we say we’re focused on enterprise, it doesn’t mean we’re stopping to focus on the small and medium companies — on the digital natives and the startups,” Kurian said. “Historically, the complaint has always been ‘Google doesn’t focus on enterprises, they focus on digital natives. […] The perception outside that Google doesn’t care about enterprises is not true. And the statement that we’re now going to focus exclusively on enterprises is also not true.”

Kurian argues that nine of the 10 largest media companies use Google Cloud, as well as seven of the 10 largest retailers and six of the top 10 enterprise companies. “Other cloud providers would have you believe that no one is using Google, which is not true,” he added.

Talking about other cloud providers, it’s also worth noting that Google is taking a very different approach to open source than some of its competitors, and especially AWS. That’s something that isn’t likely to change under Kurian’s leadership at Google Cloud. “The most important thing is that we believe that the platforms that win in the end are those that enable rather than destroy ecosystems. We really fundamentally believe that,” he told me. “Any platform that wins in the end is always about fostering rather than shutting down an ecosystem. If you look at open-source companies, we think they work hard to build technology and enable developers to use it.”

Kurian isn’t the kind of CEO who will directly attack his competitors in an interview, but he did come rather close to it in this context: “In order to sustain the company behind the open-source technology, they need a monetization vehicle. If the cloud provider attacks them and takes that away, then they are not viable and it deteriorates the open-source community.”

As for the future of Google Cloud, Kurian didn’t quite want to look at his crystal ball. Instead, he argued that as long as the company focuses on doing what its customers want — starting with hiring more employees to help those customers and making it easier to do business with Google — those customers will buy a lot more of their cloud technology from Google.


By Frederic Lardinois