Capturing Purpose Justification in Cloudflare Access
The digital world often takes its cues from the real world. For example, there’s a standard question every guard or agent asks when you cross a border—whether it’s a building, a neighborhood, or a country: “What’s the purpose of your visit?” It’s a logical question: sure, the guard knows some information—like who you are (thanks to your ID) and when you’ve arrived—but the context of “why” is equally important. It can set expectations around behavior during your visit, as well as what spaces you should or should not have access to.
Digital access follows suit. Recent data protection regulations, such as the GDPR, have formalized concepts of purpose limitation and data proportionality: people should only access data necessary for a specific stated reason. System owners know people need access to do their job, but especially for particularly sensitive applications, knowing why a login was needed is just as vital as knowing who, when, and how.
Starting today, Cloudflare for Teams administrators can prompt users to enter a justification for accessing an application prior to login. Administrators can add this Continue reading
802.1X has little relevance over time. As distributed work becomes widespread, laptops and smartphones will not connect to campus or branch networks operated by IT departments. Home broadband, cafes, kids schools, 4G/5g etc. Each user device will have some software mechanism/agent/method to access resources in SaaS, on/off prem DC/cloud and on son There is a market […]