sb-as logo
Story image

Cloudflare rolls out zero trust security for distributed workforces

02 Nov 2020

Cloudflare says the future of secure distributed workforces lies in a zero trust approach to security - an ethos that accompanied the launch of the company’s cloud-based network-as-a-service (NaaS) solution Cloudflare One last month.

The company states that the traditional ‘castle and moat’ approach to security - where organisations try to create a barrier between their enterprise network and external threats -doesn’t work anymore. Employees now work outside of the office, and applications have increasingly moved to the cloud.

According to Cloudflare, “Employees are frustrated with the speed and experience of VPNs, and organisations want an alternative to the expensive patchwork of legacy solutions required to secure and connect corporate offices to each other and the Internet.”

The company says that more businesses are relying on the internet to operate and as such, they need to protect their workforces in a way that is both flexible and scalable, and across different devices and networks.

This is where a zero trust approach works because, by default, organisations do not automatically trust data or resource requests. Instead, they verify every attempt before allowing access.

Cloudflare cofounder and CEO Matthew Prince says, "After decades of building legacy corporate networks, organisations are left with clunky systems designed to protect their now empty offices.”

He believes that the only way to secure today’s work-from-anywhere economy is to secure each employee at every company in order to protect their home networks, devices, and access to business-critical applications.

The company developed Cloudflare One to protect application, device, and network performance and to keep workforces secure. It uses Cloudflare’s network to provide businesses with multiple on-ramps to the public Internet from offices to data centres, to employees in-the-field, and connects traffic to Cloudflare’s  Zero Trust solution.

Cloudflare One has several features, including Protection against zero-day attacks, a single pane of glass network monitoring and management platform, and integration with platforms including Okta, Ping Identity, VMware Carbon Black, and more.

Cloudflare’s partners include CrowdStrike, VMware, Ping Identity, SentinelOne, Tanium, and FireMon, amongst others.

"Zero trust security architectures started at the network level with segmentation and enforcement, but as corporate resources and data increasingly live on endpoints, a zero trust architecture must take both the endpoint and the network into consideration," says Tanium chief product officer Pete Constantine. 

"Knowing the identity of the endpoint, as well as knowing that it’s up-to-date, hardened against security threats and hasn’t been compromised, is paramount in ensuring secure access to an organisation's resources."

Cloudflare is based in San Francisco and has offices in Austin, Champaign, Seattle, New York, San Jose, Washington D.C., Lisbon, London, Munich, Beijing, Singapore, Sydney, and Tokyo. The company provides cloud services, including DDoS protection, to business around the world.