Cybercrime and ransomware are a way of life, with almost-daily news about new data breaches. 2024 set a record for the largest ransomware payment ever made. According to Forbes, the ransomware group the “Dark Angels” extracted $75 million, the single largest known ransomware payment ever made. And it is only getting worse. This is why we’re adding to our managed security services and trying to make it easier for our customers to combat online threats. We just released 11:11 Application and Zero Trust services leveraging Cloudflare’s Connectivity Cloud technology.
Powered by one of the world’s largest and most interconnected networks, Cloudflare blocks billions of threats online for its customers every day. Cloudflare empowers organizations to make their employees, applications, and networks faster and more secure everywhere while reducing complexity and cost. Cloudflare’s intelligent global network spans more than 320 cities across more than 120 countries, including mainland China.
These services are critical in fighting modern cyber threats and protecting your infrastructure and users. They also provide secure access to vital network resources and applications from anywhere. With modern-day threats like malware, ransomware, and unauthorized data breaches, these new services will protect an organization’s most important asset, its data, by always assuming a “never trust, always verify” strategy with continuous authentication, access control, and monitoring to minimize the risk of unauthorized access.
“Zero trust operates on the assumption that threats can lurk anywhere, even within your organization. Therefore, every user, device, and network flow is treated as potentially compromised and must be verified and vetted before granting access.”
– Justin Giardina, Chief Technology Officer, 11:11 Systems
What is zero trust security?
Zero trust security is based on the principle of not automatically trusting any entity inside or outside a network. Instead, it requires strict verification of identity and authorization for every person and device trying to access resources, regardless of their location or connection method.
In a recent 11:11 Systems blog post, Justin Giardina, Chief Technology Officer, said “Zero trust operates on the assumption that threats can lurk anywhere (even within your organization). Therefore, every user, device, and network flow is treated as potentially compromised and must be verified and vetted before granting access.” This approach entails continuous monitoring of network traffic, strict access controls, and the use of strong encryption to protect data.
How does zero trust security differ from conventional cybersecurity measures?
Zero trust security differs from conventional security approaches by fundamentally changing the underlying philosophy. Conventional security models typically rely on perimeter-based defenses, where trust is placed in users and devices within the internal network. This often involves granting broad access privileges based on user roles or network locations.
11:11 Application and Zero Trust Services incorporate a comprehensive range of extended capabilities and benefits, including:
Application Services:
-
- Web Application Services (WAF) – A Web/API Firewall acts as a critical layer of defense for web applications and APIs, helping organizations safeguard their online assets.
- Distributed Denial of Services (DDOS) – DDoS protection is crucial for ensuring the availability and reliability of web services and applications, especially in today’s internet-dependent world.
- Domain Name Services (DNS) – DNS is an authoritative DNS hosting service providing DNS Security features to prevent malicious redirects and hijacking.
- Content Delivery Network (CDN) – CDN improves performance, availability, and reliability in delivering web content by reducing latency and offloading traffic from a single-origin server.
Zero Trust Services:
-
- Remote Browser Isolation (RBI) – RBI is critical in improving security by isolating web browsing activities from the internal network. It reduces the attack surface as web browsing sessions are executed remotely.
- Cloud Access Security Broker (CASB) – CASB is designed to provide organizations with visibility and control over their use of cloud services, addressing security concerns associated with adopting cloud computing.
- Secure Web Gateway (SWG) – SWG enforces strict access controls and continuous verification of user identities and devices and reduces unauthorized access and data breaches.
- Data Loss Prevention (DLP) – DLP protects sensitive data by assuming a “never trust, always verify” mindset, focusing on continuous authentication, and access control to mitigate risks.
- Cloud Email Security – provides advanced phishing detection, multi-layered malware protection, and real-time analysis of email content and sender behavior.
11:11 Application and Zero Trust Services are currently available in North America and EMEA. To learn more about 11:11 Application and Zero Trust Services and the Cloudflare Connectivity Cloud, check out the resources below.
- Data Sheet – 11:11 Application and Zero Trust Services
- 11:11 Application and Zero Trust Services
- Cloudflare Connectivity Cloud