Cloudflare

Cloudflare has made its 'Cloudflare One Zero Trust' security suite free to public interest groups, election sites, and state organizations that are currently part of Project Galileo and the Athenian Project.

Through Project Galileo and the Athenian Project, Cloudflare provides free enterprise-level cybersecurity services to journalists, activists, humanitarian organizations, minority groups, and state and local election services.

Today, Cloudflare announced that they are enhancing both of these offerings by providing free access to its Cloudflare One Zero Trust security product.

"Cloudflare is the only security provider ensuring that Zero Trust is accessible to those most in need – the vulnerable groups in our society, journalists, and nonprofits, as well as the sites that ensure we have trusted, free, and fair elections in the United States," stated Cloudflare's co-founder and CEO, Matthew Prince.

"These organizations face constant threats and need to be safe online to achieve their missions – and now they'll have access to the same security architecture that Fortune 1000 companies are using."

Considering that remote work has become a standard in the post-COVID era, high-risk organizations must have a way to validate their connections and impose strict controls over asset accessibility.

What the Zero Trust platform does

The Zero Trust platform, currently used by 10,000 organizations worldwide, is a complete, secure internet access management solution.

The platform implements the cybersecurity strategy of 'zero trust,' which is to stop trusting logged-in users unconditionally and continuously validate every stage of digital interactions on protected networks.

The solution stands between remote employees/users and organization assets (cloud-hosted or on-premise) to monitor all traffic and ensure that it's authorized for every person and device.

Zero Trust functional diagram
Zero Trust functional diagram (Cloudflare)

By implementing various inspection points, the platform verifies that no unauthorized users have access to an organization's assets, so even if a hacker manages to infiltrate the network, they won't be able to act freely as they're not inherently trusted.

Moreover, Cloudflare's Zero Trust platform supports DNS filtering and HTTP inspection and isolation, so many cases of phishing and malware threats are caught and filtered out before they reach users or endpoints.

Finally, the platform can replace or augment existing VPN solutions by implementing custom privilege access controls, limiting connections and uploads outside a set of approved destinations.

The main three points that Cloudflare highlights in its announcement are:

  1. Automatic protection against phishing attacks, blocking all threats before they reach user inboxes.
  2. Tight control over asset and app access for employees, partners, and volunteers.
  3. Secure access to the internet even when using untrustworthy WiFi connections.

"Zero Trust has become standard for large enterprises, but so far has left out smaller organizations due to smaller IT teams, limited budgets, and lack of resources," reads Cloudflare's announcement.

"These organizations lack the budget and security expertise needed to thwart sophisticated attacks. Advanced security architecture was previously out of reach, but necessary to protect their employees and members, and further their missions." - Cloudflare.

If your organization matches that profile, you can apply to become part of Project Galileo or the Athenian Project and gain free access to Cloudflare's Zero Trust platform and anti-DDoS service.

Related Articles:

NSA shares zero-trust guidance to limit adversaries on the network

New Google Chrome feature blocks attacks against home networks

How to Apply Zero Trust to your Active Directory

Cloudflare hacked using auth tokens stolen in Okta attack

Over 5,300 GitLab servers exposed to zero-click account takeover attacks