Email security

Cloudflare ventures into integrated email security

Workers prepare a presentation of advanced e-mail at a technology trade fair March 5, 2012, in Hanover, Germany. Two vulnerabilities in open source Zimbra code could allow an unauthenticated attacker to compromise a targeted organization’s Zimbra webmail server, researchers said Tuesday. (Sean Gallup/Getty Images)

Cloudflare introduced its first two email security products Monday and plans to develop several more in the coming future.

“I think what we are good at is processing data in flight, making sure that it moves as fast as possible, making sure it is as reliable as possible, preserving privacy and then adding security to it,” Cloudflare co-founder and CEO Matthew Prince told SC Media. “And email is just another protocol to move data in flight.”

The company has long-term plans to develop a suite of email security solutions to plug into its platform. The two rolled out today — an email forwarding service and a DNS email wizard to simplify adoption of protocols like DKIM and SPF — will both be free. Future products, which Prince plans as more ambitious, will likely either have tiered al a carte pricing or tie into Cloudflare’s existing tiers. 

The announcement of email security coincide with the week of Cloudflare’s 11th anniversary. “Birthday week” has become an annual tradition for the vendor to release new products. Past announcements included the 1.1.1.1 anonymous DNS service. 

Prince and chief technology officer John Graham-Cumming both come from spam-fighting backgrounds before Cloudflare (“The only reason it took us so long to do email was our post-traumatic stress,” said Prince). 

The products available Monday are less dynamic, but nonetheless answer customer requests, said Prince. While there are other email routing solutions available — and while Cloudflare’s vast edge computing network allows for neat technical features like limiting the amount of distance an email would travel over unvetted servers — Prince said he believes most users will gravitate to the new service for simplicity and integration with the familiar Cloudflare platform. DKIM and SPF are already technically free to implement, but are underutilized due to complexity, which the wizard aims to reverse. 

In the long run, Prince said the goal would be to integrate client email security with browser isolation technology, allowing all email links to be rendered in the cloud and eliminating much of the risk to client machines. Users will now be able to sign up for advance access to those features as they are released. 

“Great companies like Proofpoint and others have built sophisticated email security technology, but it has traditionally been available only to the very high end of the market,” said Prince. “We plan to take similar technologies and make them available to a much broader set of the market.”

Joe Uchill

Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.