Securing multicloud environments isn’t easy, especially for high-profile organizations like the U.S. Army. As the Russia-Ukraine war continues and offensive operations on both sides of the conflict escalate, nation state-sponsored cyberattacks remain a constant threat. 

Yet in spite of this heightened threat landscape, the U.S. Army has the confidence to go all-in on remote working and collaboration. 

Just last week, Google Cloud announced the U.S. Army’s new partnership with Google Public Sector that will provide 250,000 soldiers with Google Workspace, after Google achieved the Department of Defense’s (DoD) Impact Level 4 (IL4) authorization. 

This decision is noteworthy because it highlights that enterprises don’t need to abandon digital collaboration tools to stay productive. By prioritizing tools that enable zero trust access controls, organizations can reliably secure their multicloud environments against even the most determined attackers. 

Google Workspace secures the multicloud with zero trust 

The announcement comes after Google announced the launch of Google Public Sector (GPS) in June 2022. This new division is designed to help public-sector entities like federal, state and local governments and educational institutions accelerate their digital transformations. 

For the U.S. Army, part of that process is making collaboration secure for personnel working in different remote locations and training bases. One core component of collaboration security via Google Workspace is zero trust. 

“As the Biden Administration’s Executive Order on Improving the Nation’s Cybersecurity states, it’s important that the federal government adopts security best practices that advance toward a zero-trust architecture to keep pace with today’s increasingly sophisticated cyberthreat environment,” said Will Grannis, CEO of GPS. 

“We offer products with the security ‘baked in’ the product so our customers don’t need costly add-ons. For example, Google Workspace leverages Google’s zero-trust technologies to provide a secure email, communication and collaboration solution and is part of a set of existing solutions by Google Cloud which can help accelerate any agency’s zero-trust efforts to protect against cyberattacks,” Grannis said. 

The U.S. Army also confirmed that zero trust played an integral role in securing its multicloud environment. “The Army and DoD have committed to a multicloud strategy, and this decision reinforces the need for a cloud-based ecosystem to support the diverse needs of the DoD,” said a U.S. Army spokesperson. 

“Google’s zero-trust capabilities align well with the DoD Zero-Trust reference architecture and enables the Army to further integrate the solution into our existing cloud-based cybersecurity environment for advanced threat detection, monitoring and risk management,” the spokesperson said. 

Implications for enterprises 

This partnership between the U.S. Army and GPS has implications for the wider enterprise market, because it shows not simply that Google Workspace can protect regulated data but, more importantly, that collaboration can be made secure in hybrid and multicloud environments through zero trust. 

Given that research shows 90% of organizations have already deployed multicloud architectures, zero trust has the potential to redefine cloud security in the future. 

This is good news given that there’s no way to undo the remote-work revolution that took place during the COVID-19 pandemic. Today’s users and employees expect to be able to access applications whether they’re working in the office or at home, and multicloud environments play a key role in facilitating this. 

Defining zero trust 

At its most basic, zero trust is about authenticating every user and device within and outside an organization’s network before they can access certain applications or resources. It’s a concept that applies as much to multicloud environments as it does to gated on-premises networks. 

“Zero trust cares little about being deployed on-premises, in one cloud or in multiple clouds,” said Gartner VP analyst, Thomas Lintemuth. “The keys to zero trust are 1) identifying your applications, and 2) [determining] which users from which endpoints should have access. Once a basic zero-trust architecture is built, continue [adding] signals to increase the efficacy of the trust calculation.” 

Part of the challenge around implementing zero trust is that an organization has to not only authenticate users, but offer a robust user experience while doing so, or users won’t be able to access resources at the speed of business, and will become less productive.

In this environment, traditional solutions like VPNs simply aren’t effective or scalable at authenticating users. Organizations need to provide employees with user-friendly, high-performance solutions that can enable them to authenticate on their local devices. This is where Google Workspace and Office 365 come in. 

Google Workspace vs. Office 365

Across the widespread ecosystem of collaboration tools, Google isn’t the only provider on the market to start leveraging zero trust to help enterprises secure remote environments. Microsoft Office 365 has its own array of zero-trust capabilities.

For instance, enterprises can use Office 365 alongside tools like Azure Active Directory’s Conditional Access with Microsoft Intune to control access to cloud applications and SaaS services. They can also be used to apply device access policies to determine what authentication steps the user needs to follow to log in. 

It’s worth noting that collaboration providers like Slack have also begun experimenting with zero trust, incorporating identity and access controls including SAML-based single-sign on, two-factor authentication, user and group provisioning, and session management to reduce the risk of unauthorized access. 

As the need to secure decentralized working environments increases, the zero-trust capabilities of Google Workspace and Office 365 are becoming ever more important differentiators in the collaboration market. 

According to Statista, in the office suite market (defined as solution providers with software applications offering word processing, spreadsheets and databases), Google G Suite (now known as Google Workspace) holds 48% of the global market while Office 365 holds 46%. 

Going forward, securing user access comes down to not only implementing a robust process for authenticating users and reducing the risk of breaches, but also offering a user-friendly login process that can keep up with the pace of business.