Cloudflare, Inc. announced that the Cloudflare One suite of Zero Trust security tools
December 2022 by Marc Jacob
Cloudflare, Inc. announced that the Cloudflare One suite of Zero Trust security tools is available at no cost to at-risk public interest groups that are part of Cloudflare’s Project Galileo, as well as local and state election sites part of Cloudflare’s Athenian Project. These organizations will now have access to the comprehensive and deeply-integrated Zero Trust tools that have typically only been available to large enterprises and are used by over 10,000 customers today.
Zero Trust is a modern security model that ensures all traffic in and out of a business is verified and authorized, and requires strict identity verification for every person and device. This replaces the old model where once a device or person was in a network, it was assumed to be trusted and had access to anything within that network. The problem with that approach is that once an attacker gains access to the network, they have free rein over everything inside.
Zero Trust has become standard for large enterprises, but so far has left out smaller organizations due to smaller IT teams, limited budgets, and lack of resources. “Since COVID, small and midsize businesses (SMBs) are more digitally exposed but have not been able to keep up with the right security posture and are increasingly being targeted for cybersecurity attacks”, according to Gartner®.
Equal Access to Zero Trust
Cloudflare is extending the Zero Trust suite to two of its Impact Initiatives that support the security needs of public interest groups. Project Galileo participants are artists, journalists, humanitarian organizations, and the voices of political dissent that are consistently under attack because of their missions as vulnerable groups. Athenian Project participants are local and state election sites working to safeguard elections in the United States. These organizations lack the budget and security expertise needed to thwart sophisticated attacks. Advanced security architecture was previously out of reach, but necessary to protect their employees and members, and further their missions. Now with Cloudflare One, these at-risk groups can:
• Automatically protect organizations from phishing attacks: Email is one of the largest cyber attack vectors on the Internet. Cloudflare Area 1 Security ensures malicious emails are blocked before making it to employees’ inboxes. If a malicious link arrives through other channels and is clicked, Cloudflare’s Browser Isolation and DNS filtering stops the query before the malicious destination can load.
• Connect all employees, applications, partners, and volunteers: Employees can work in any location and still reach internal tools, while controlling exactly who can access which application or service. Administrators can control which partners and volunteers can reach specific applications and resources while logging every attempt.
• Secure a path to the Internet: Whether connecting to a Wi-Fi network on the go or downloading a file from an unfamiliar source, Cloudflare One provides an encrypted, secured on-ramp to the entire Internet and keeps sensitive data from leaving the organization. Cloudflare One will block an attempt to connect to a malicious destination, scan downloads for malware, and block the download before the user can open it. Administrators can create policies that prevent the accidental or malicious loss of data while also restricting uploads to approved destinations.
At-Risk Groups Getting Started with Cloudflare One
• CyberPeace Institute is an independent and neutral nongovernmental organization, headquartered in Switzerland, whose mission is to ensure the rights of people to security, dignity and equity in cyberspace. The Institute works in close collaboration with relevant partners to reduce the harms from cyberattacks on people’s lives worldwide.
o “The CyberPeace Institute works with humanitarian non-governmental organizations (NGOs) to protect their operations and build their cyber capabilities, data and resources in an increasingly complex digital environment. Both the Institute and Cloudflare share a core motivation to ensure the rights of people to security, dignity, and equity in cyberspace. This alignment gives us confidence that Cloudflare is the right strategic partner as we evolve with our mission. We are grateful for the support of Project Galileo,” said Stéphane Duguin, Chief Executive Officer, CyberPeace Institute.
• The Information Technology Disaster Resource Center (ITDRC) is a nonprofit composed of thousands of service oriented technical professionals and private sector partners that assist in disaster response operations in the United States.
o “Cloudflare Zero Trust is essential to securing our employees, volunteers, and disaster survivors on site and in the field. Cloudflare delivers secure, reliable, and fast connectivity to the Internet and critical applications that our teams need to respond to disasters effectively,” said Chris Hillis, Co-founder at ITDRC.
o “Setting up policies has been simple for our administrators, and our team benefits from a safer, faster experience, whether accessing internally hosted applications, or the broader Internet. With Cloudflare Access, we are able to ensure that team members receive a consistent user experience accessing internal applications based on their role, all while utilizing our existing identity provider and securing our infrastructure. Utilizing Cloudflare Gateway adds an additional layer of security to our networks and devices, helping to protect our users from external threats, and themselves.”
• Meedan is a global technology not-for-profit that builds software and programmatic initiatives to strengthen journalism, digital literacy, and accessibility of information online and off.
o “Meedan and Cloudflare both share a vision of a more equitable, safer Internet. We were proud to be a founding member of Project Galileo in 2014 and support the work that program has done to protect Human Rights Defenders around the world. Closer to home Cloudflare helps our employees be more secure and productive when creating and distributing our open source software,” said Aaron Huslage, Director of Systems and Security at Meedan.
• The Organization of American States (OAS) is the world’s oldest regional organization and a home for multilateral dialogue on topics such as the rights of indigenous peoples, territorial disputes, and regional goals for education.
o "The partnership with Cloudflare will help the Organization of American States (OAS) democratize best-in-class security to modernize and strengthen our internal cybersecurity posture with a Zero Trust approach, delivered in the cloud, without sacrificing our workforce performance," Andrew Vanjani, OAS Chief Information Officer
• Rowan County, North Carolina protects election websites with Cloudflare.
o “Prior to Area 1 Security, we were using Office 365 email protection with limited insight for the specifics for messages that were quarantined. While cloud services from Microsoft are continually evolving, we were looking to reduce complexity to support security functions within our environment, allowing us to continue implementing new layers of defense,” said Randy Cress, Chief Information Officer at Rowan County.
o “Leading up to the elections, reports within our Area 1 dashboard indicated 2x as many inbound malicious emails from the same time period in October 2022. We saw credential harvesting as the top threat and we are easily able to see which users are targeted for email compromise.”
o “With Area 1 Security under the Athenian Project, we were able to add additional layers of security to our organization, as it allowed us to preemptively defend against malicious messages before an employee can click on a malicious link. This gives us comfort knowing that Cloudflare is our first line of defense so we can focus on providing a secure voting process for the constituents of Rowan County.”
Source: Gartner, Inc., Emerging Tech: The Impact of Emerging Trends on Security Solution Demand, Rustam Malik, 7 Oct 2022. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.