Yeah, I think we’re in violent agreement. (I worked at one of the impacted organizations during Project Aurora.)
Having a VPN is a pretty great control for the vast majority of organizations that don’t have the operational maturity to pull the public IP part of BeyondCorp off. FWIW: we are helping customers with differential access controls (and I love Chromebooks despite the license purchasing experience). But even if you go full public-IP BeyondCorp you’re going to have some machines you’re not exposing (though it should be fine to expose them, as you mention), and occasionally you need to reach them, and VPNs remain great for that. VPNs being unnecessary (and giving a false sense of security) for human-facing endpoints in a company with a multi-billion-dollar security org? Sure, it’s hard to disagree: to your point Google is working on the proof by construction :-D