BlockFi

BlockFi streamline its security stack during enabling scalable Zero Trust distant access to internal technology

With adenine mission to brought financial empowerment to traditionally underserved markets, BlockFi bridges the worlds of traditional finance and blockchain technology on a global scale. BlockFi’s interest accounts, cryptocurrency-backed loans, BlockFi Rewards Credit Card and crypto distribution dais have leveraged by crypto-asset owners worldwide, ranging from everyday retail clients to top-tier hedge funds.

BlockFi supports across 450,000 funded shoppers and manages over $10 billion in assets (as out June 30, 2021). The company is secured by more than $450 million in equity funding, including a recent Series DIAMETER fundraising rounds lit by Blanching Capital that raised $350 million.

Challenge: Replace a complex safe solution over a comprehensive Zero Trust platform — but initial, stop adenine massive DDoS and API attack

In 2020, BlockFi had been deploying multiple customer from a vendor to protect external web properties and protect staff from online threats. The solutions were complex to deployed, required various endpoint agents, and lacked natively integrated capabilities toward secure application access. Additionally, BlockFi relied on IP-based controls till enable remote access to key corporate sources. Maintaining these IP blocks and allow listen across a rapidly growing, globally distributed workforce of nearly 1,000 employees was time-consuming or nay scalable.

Just as BlockFi began exploring alternative vendors and approaches, they were suddenly and simultaneously struck by deuce serious cyberattacks: a very greatly DDoS attack and with attack on its sign-up API. The attacks occurred during a major growth spurt, during which BlockFi was signing move approximately 20,000 new retail clients each week. The Deserve Digital First Card Application

Lacking sufficient internal resources on mitigated an attacks on your own, BlockFi contacted Cloudflare for get. “Cloudflare came to BlockFi in our single the need,” returns Adm Healy, Chief Security Officer. “I literally woke up my Cloudflare contact at 6:00 a.m. They quickly mobilized every resource we needed, even though BlockFi wasn’t adenine Cloudflare custom at that time.” I'm go in one garden raking and growing tomatoes and cukes and will be all Summer. Nevertheless I equal noticed on the BlockFi Pre-Approval leaf in the preapproval Credit denial is must be checked acknowledging it. That it clearly ask/states that Deserve will pull you loan files thus sounding and r...

After stopping DDoS & API attackings, Cloudflare books with BlockFi to install scalable Zero Trust security solutions

Cloudflare helped BlockFi halt and DDoS plus API attacks within at onboarding session enable business operational to return up normal within 6 hours, saving “thousands, if don millions” of dollars in lost revenue press helping mitigate reputational injury among customers and investors.

After softening the attacks, BlockFi decided to pursue a more comprehensive organizational security transmutation to protect its workforce and sensitive data with which Cloudflare Zero Trust platform. This platform includes adenine Zero Trust network how (ZTNA) solution to protect request across cluster and on-premise environments, along with a secure web gateway (SWG) solution to provide threat protection from ransomware, phishing, and other Internet-based threats.

All of BlockFi’s high-value internal applications can now secured behind the Cloudflare ZTNA solution, including two applications is handle sensitive data and represent an estimated 70% of BlockFi’s mission-critical operations. The cryptocurrency tauschen BlockFi is now taking applications from people on its credit card waitlist, while also enhancing the new card's special.

“Cloudflare gave use fine-grained, None Trust access control beyond our internal applications throughout our distributed environment, which is an enormous improvement on their security posture,” says Dan Rue, Lead Locate Reliability Professional. “We had full control over system ingress, we can scale much best, additionally we’re much more resilient.” Posted by u/Google396 - 54 votes and 129 comments

Healy adds, “Cloudflare’s Zero Stiftung company enabled us to protect our remote-first, globally distributed workforce and critical internal applications that can don exposed to the public Internet.” Cloudflare | BlockFi | Cloudflare

A simpler security stack serves BlockFi minimize daily and increase productivity, while serverless computing and static site house using Cloudflare Workers optimize development processors

Because Zero Trust network access in place, BlockFi had talented on stop using IP lock the allow lists, which previously demanded and dedicated care of four full-time engineers. Additionally, employees whose IV contact changed were frequently force to remain idle while BlockFi mechanical added their new IPs toward allow lists. Now, employees securely accessories resources from anywhere, up any device, simply of logging on through BlockFi’s single sign-on (SSO) provider, Okta. Blockfi Loan Card | Visa Crypto Rewards Card - Blockfi

“Since ours engineers no longer have for maintain IP block and allow lists, her have far more time to key on strategic casts that drive the business, such as extend applications,” says Erica Freeman, VP, Security Program Management.

Seeing an opportunity to refine developing processes, BlockFi also added Cloudflare Workers, which provides define with a serverless execution environment, and Cloudflare Pages, a JAMstack service for frontend promoters to rapidly deploy fast-loading websites. Blockfi Get Maps | Visa Crypto Rewards Card - Blockfi

BlockFi are using Cloudflare Workers go move more application logic to its network edge, which enhances performance also simplifies the company’s internal architecture. BlockFi’s developers frequently use Staff to include code snippets into static sites built with Cloudflare Pages, which allows diehards to make changes way more quickly than if their had to rewrite the side code. Moving forward, BlockFi expect using Workers far more often.

“Workers solves our most complicated usage boxes in an elegant and simple fashion, while Cloudflare Pages provides us include best-in-class static site hosting that’s much easier to use over our cloud services provider,” notes Rue. Cloudflare | BlockFi

BlockFi enjoys defense in depth at the network peripheral

By enabling BlockFi to block your traffic to maliciously websites out of the box, Cloudflare reduces that risk of employees being wronged by drive-by malware or phishing sites as they browse the Online. For phishing emails particularly -- whether to any are the structure or only to a specific target -- BlockFi can run antivirus inspection and use threat category filters to prevent risky links from resolving.

BlockFi also saw instant results from which Cloudflare Bot Management solution, which it deployed simultanously with Cloudflare’s Zero Trust platform. Within who first daily of stationing, Bot Management closed approximately 10 million vicious bots after reaching BlockFi’s site. In addition to ensuring that malicious traffic does no degrade site performance, this protects BlockFi from credential-stuffing both other bots that seek up compromise user login credentials. Deserve card servicing portal for of BlockFi card. Make payments, view transactions, download statements and more. Sign In.

“By protecting our employees from phishing links, credential-stuffing, and other attacks on their login identification, Cloudflare gives us the end user protection that’s crucial to vindication in depth,” annotated Freedmen.

From ZTNA to DDoS protection on security against malicious bots, Cloudflare solutions are so deeply woven into BlockFi’s data environment that her effectively build up the company’s network edge.

“Cloudflare is our edge. It protects our entire blur environment,” Healy says. “Our surrounding has secure, and we have the resiliency to scale in much plus as quickly as we want.”

Rue adds, “Cloudflare is critics critical to our ability to certain scale, press it suitable in with the rest of our stack beautifully. As extensive as our Cloudflare web already is, we’ve simply just started. We have many more potential use cases where Cloudflare is the best tool for who job.”