Connectivity cloud company Cloudflare has announced the acquisition of BastionZero, a Zero Trust infrastructure access platform. This move aims to enhance secure remote access to critical IT systems within Cloudflare One, which is the company's secure access service edge (SASE) platform.
Zero Trust security, which involves the continuous verification of employees accessing company systems, is commonly applied to applications and networks, the primary vectors through which external threats penetrate corporate environments. However, infrastructure access has traditionally been managed at the network level, posing risks through the use of long-lived passwords and credentials, compliance challenges, and the adoption of workaround patches by IT teams.
The integration of BastionZero's technology promises heightened security, compliance, and control over essential IT systems for Cloudflare's global customer base. By merging the capabilities of BastionZero with Cloudflare One, IT and security professionals can now implement Zero Trust principles for a broader range of infrastructure resources, including servers, Kubernetes clusters, and databases. This expansion allows for centralised management of hybrid IT environments, employing standard Zero Trust practices to maintain the productivity and security of DevOps teams.
Matthew Prince, co-founder and CEO of Cloudflare, remarked on the evolving landscape of work environments, which increasingly demand flexibility and secure remote access to critical systems. "Incorporating BastionZero into Cloudflare One gives IT teams access to an organisation's most critical inner workings securely, wherever they are," Prince stated. He emphasised that millions of organisations worldwide rely on Cloudflare to safeguard their systems and data, and the addition of BastionZero's capabilities strengthens this protection.
The acquisition brings several key benefits:
- Increased Security: The elimination of long-lived passwords and credentials minimises risks, aligning access with Zero Trust principles.
- Increased Compliance: The enforcement of just-in-time permissions ensures that access to core systems and servers is granted only when necessary, even for remote users, while maintaining centralised policy controls and identity-aware logging.
- Increased Control: Users gain access to necessary information and systems only when needed, supported by just-in-time policies.
- Reduced Complexity: The removal of legacy security patches and quicker access grants simplify infrastructure management, enhancing policy controls and observability.
Sharon Goldberg, co-founder and CEO of BastionZero, expressed confidence in the enhanced capabilities resulting from the acquisition. "This acquisition enables us to deeply integrate BastionZero's unique cryptographic approach for simple passwordless infrastructure access into the world's largest secure access service edge (SASE) network," Goldberg said. She highlighted the improved ability to provide secure remote access for all types of IT teams.
Launched in 2020, Cloudflare One is recognised as one of the fastest-growing platforms in the SASE and security service edge (SSE) sectors. It is relied upon by companies worldwide to ensure secure access for employees to internal systems and data with minimal burden. The acquisition of BastionZero is set to further bolster Cloudflare's cloud security capabilities within the expansive SASE market.
Industry analysts at Gartner have projected significant growth in the SASE market over the coming years, with a compound annual growth rate of 29% expected to reach over USD $25 billion by 2027. This growth underscores the increasing demand for single-vendor and dual-vendor secure access solutions.
Cloudflare One remains a vital component of Cloudflare's connectivity cloud, streamlining the integration of various IT security tools into a unified platform. This facilitates secure access to a broad spectrum of resources, from developer tools to complex technical infrastructure and expanding cloud services.
