Are smartphones completely safe? It depends on your definition of "secure", especially when dealing with corporate environments.
Most companies with bring-your-own-device policies install apps or agents on employees' smartphones to help with their security, leveraging the management features built into operating systems like Android and the iOS.
But that may not be enough, Cloudflare claims, and it's launching new services this week. Today, the company announced Zero Trust SIM and Zero Trust for Mobile Operators, two products aimed at smartphone users, companies that have business phones and carriers that sell data services.
Let's start with Zero Trust SIM. The package is designed to secure all data circulating from a smartphone. Once launched in the US, Zero Trust SIM will be available as an eSIM and deployable through existing mobile device management platforms on both iOS and Android devices.
Each eSIM will be locked to a specific device, mitigating the risk of SIM-swapping attacks, and can be used either in a standalone setup or in conjunction with Cloudflare's mobile agent, WARP.
Cloudflare CTO John Graham-Cumming says Zero Trust SIM can achieve what VPNs and other security services can't: cell-level protection.
A SIM card can act as another security factor and in combination with hardware keys make it almost impossible to impersonate an employee.
“SIM Zero Trust provides defense in depth. A layered VPN is one of those elements, but it doesn't eliminate the need to still have cellular connectivity on all your mobile devices today, and traditional “AnyConnect” VPNs do nothing to stop attackers from moving laterally once they're in. VPN," Graham-Cumming said.
Graham-Cumming said the Zero Trust SIM will allow Cloudflare to rewrite DNS requests by letting a device use the Cloudflare Gateway for DNS filtering.
