Cloudflare Makes Zero Trust Security Free for At-Risk Groups

Cloudflare is democratising access to Zero Trust security, a new security standard that is often out of reach for smaller organisations

Cloudflare, Inc, the security, performance, and reliability company helping to build a better Internet, announced that the Cloudflare One suite of Zero Trust security tools is available at no cost to at-risk public interest groups that are part of Cloudflare’s Project Galileo, as well as local and state election sites part of Cloudflare’s Athenian Project. These organisations will now have access to the comprehensive and deeply-integrated Zero Trust tools that have typically only been available to large enterprises and are used by over 10,000 customers today.

“Cloudflare is the only security provider ensuring that Zero Trust is accessible to those most in need – the vulnerable groups in our society, journalists, and nonprofits, as well as the sites that ensure we have trusted, free, and fair elections in the United States,” said Matthew Prince, co-founder and CEO, Cloudflare. “These organisations face constant threats and need to be safe online to achieve their missions – and now they’ll have access to the same security architecture that Fortune 500 companies are using.”

Zero Trust is a modern security model that ensures all traffic in and out of business is verified and authorised and requires strict identity verification for every person and device. This replaces the old model where once a device or person was in a network, it was assumed to be trusted and had access to anything within that network. The problem with that approach is that once an attacker gains access to the network, they have free rein over everything inside. 

Zero Trust has become standard for large enterprises, but so far has left out smaller organisations due to smaller IT teams, limited budgets, and lack of resources. Since COVID, small and midsize businesses (SMBs) are more digitally exposed but need to keep up with the right security posture and are increasingly being targeted for cybersecurity attacks. 

Equal access to Zero Trust

Cloudflare is extending the Zero Trust suite to two of its Impact Initiatives that support the security needs of public interest groups. Project Galileo participants are artists, journalists, humanitarian organisations, and the voices of political dissent that are consistently under attack because of their missions as vulnerable groups. Athenian Project participants are local and state election sites working to safeguard elections in the United States. These organisations lack the budget and security expertise needed to thwart sophisticated attacks. Advanced security architecture was previously out of reach but necessary to protect their employees and members and further their missions. Now with Cloudflare One, these at-risk groups can:

    • Automatically protect organisations from phishing attacks: Email is one of the largest cyber attack vectors on the Internet. Cloudflare Area 1 Security ensures malicious emails are blocked before making it to employees’ inboxes. Cloudflare’s Browser Isolation and DNS filtering stops the query before the malicious destination can load if a malicious link arrives through other channels and is clicked.

    • Connect all employees, applications, partners, and volunteers: Employees can work in any location and still reach internal tools, while controlling exactly who can access which application or service. Administrators can control which partners and volunteers can reach specific applications and resources while logging every attempt.

  • Secure a path to the Internet: Whether connecting to a Wi-Fi network on the go or downloading a file from an unfamiliar source, Cloudflare One provides an encrypted, secured on-ramp to the entire Internet and keeps sensitive data from leaving the organisation. Cloudflare One will block an attempt to connect to a malicious destination, scan downloads for malware, and block the download before the user can open it. Administrators can create policies that prevent accidental or malicious data loss while restricting uploads to approved destinations.