Is it ever entirely safe to use a phone? It is dependent on one's definition of "secure." Most companies with bring-your-own-device policies install apps on workers' phones to help secure them. Those may not be enough.
The pitch for the new services it is launching this week is that way. Zero Trust for Mobile Operators and Zero Trust for Phone Users are two products that the company announced today.
Zero Trust Sim is the first thing we should start with. Zero Trust Sim will be able to be deployed via existing mobile device management platforms to both iOS and Android devices. It will be locked to a specific device and usable either in a stand alone configuration or in conjunction with Cloudflare's mobile agent.
In a recent email interview, John Graham-Cumming made the case that Zero Trust Sim can do what VPNs and other secure layers can't. He argued that a sim card and hardware keys made it nearly impossible to impersonate an employee.
Defense in depth is provided by Zero Trust Sim. Graham-Cumming said that a virtual private network does not remove the need to still deploy cellular connections across all of your mobile devices. Organizations continue to be breached due to challenges securing their applications and networks, and what was once a real-estate budget is quickly becoming a "secure my remote and distributed workforce" budget.
Graham-Cumming said that Zero Trust is going to allow Cloudflare to rewrite requests leaving a device to use the gateway for the filters. He said that it can be used as a second factor for verification when connecting to services and other devices.
Graham-Cumming says Zero Trust will be an extension of the per-seat pricing Zero Trust customers are used to. He thinks that most devices will be compatible, and even more so once Cloudflare provides physical SIM cards for the service.
Graham-Cumming said that running a global network is a core part of what they do and that they intend to start in the U.S. Although we are early in development, we are already working on parallel initiatives in the industrial internet of things. A lot of new use cases can be unlocked by the Zero TrustSIM.
The goal of the platform is to provide a single view of all the connected devices. It is meant to compete with other internet of things management services such as Microsoft Azure, Amazon Web Services and the like.
Every packet that leaves each device can be inspected, approved or rejected by policies customers create before it reaches the internet, cloud, or other devices. It is possible to prevent sensitive traffic from reaching public channels by locking devices to a specific geography.
As the formal launch of the internet of things platform approaches, there will be more information available.
The Zero Trust for Mobile Operators front was not shared by Cloudflare. Graham-Cumming said that Zero Trust for Mobile Operators is a carrier partner program. Interested operators can start signing up today.
It is assumed that Zero Trust for Mobile Operators is a pilot in what could become a lucrative line of business for Cloudflare beyond WARP. According to Allied Market Research, the global mobile security market was worth more than $3 billion in 2020.
The robust nature of the internet of things market makes it a good fit for Cloudflare. According to one source, enterprise internet of things spending grew 22.4% in the year 2021. The segment is rife with incumbents, but Cloudflare is betting it can make a big difference.