Zero trust is about not trusting anything, which means neither external nor internal network. Not trusting the internal network does not mean that you should open it up to everyone. You have misunderstood this gravely.
Google doesn't do what you suggest and I'll throw in another large security-aware company as well, known for their privacy-conscious phones. They protect the perimeter as well as the inside. As does any military organization. Stop spreading misinformation.
That's not true. If you read what Google wrote regarding BeyondCorp the argument is that firewalls and VPNs were perimeter defences for weak internal networks and this is the main complaint, that breaching this defence would allow lateral movements as well as of course internal attacks. They have no issue with strong internal zero-trust networks.
So as I said previously, for most organizations, it would be crazy to the point of lunacy of their infosec team to allow the internet access to internal corporate systems and just rely on those to have been individually secured.
I would dare to say that nobody does this or I'll ask you to please give me the IP address of Google's internal DVCS server.
Google doesn't do what you suggest and I'll throw in another large security-aware company as well, known for their privacy-conscious phones. They protect the perimeter as well as the inside. As does any military organization. Stop spreading misinformation.