Cloudflare plans to release what it calls the first "Zero Trust" SIM, which is essentially an electronic version of a traditional SIM card.
With the new Cloudflare SIM, we're taking a "never trust, always verify" approach to security, where no device is automatically trusted, not even those that have been verified in the past or are already connected to a gated corporate network.
It's not surprising that this sort of thing would be of interest to people; hackers continue to target mobile devices as an entry point into corporate networks, and in 2022, cybersecurity firm Zimperium analyzed over half a million phishing sites and found a 50% increase in mobile-specific phishing websites.
If workers agree to let Cloudflare route their business-related SIM data traffic through a network with Zero Trust safeguards, their employers will pay for their monthly data usage.
Cloudflare asserts that the solution will be easy to implement, requiring only the scanning of a QR code included in the employee onboarding materials.
Cloudflare claims that their new SIM card will help businesses protect their staff from malicious websites by filtering out incoming DNS requests through their Cloudflare Gateway.
Cloudflare explains that "an eSIM-first approach allows us to prevent SIM-swapping or cloning attacks, and by locking SIMs to individual employee devices, bring the same protections to physical SIMs," so businesses can use the new SIM to lessen the impact of such attacks.
Cloudflare also asserts that its WAN-as-a-service offering, Magic WAN, will benefit from the new SIM by providing secure, identity-based private connectivity to cloud services, on-premise infrastructure, and fleets of IoT devices.
Cloudflare claims to be testing Zero Trust SIM on its own network in preparation for its eventual regional rollout to customers.
Organizations without a current mobile device solution can sign up for our service by clicking here.