Connecting to LinkedIn...



CloudFlare Unveils Keyless SSL for Security in the Cloud

19/09/2014 by


Up until now, banking sites and other high-security online services looking to prevent hacking attacks have had to make sure their in-house IT infrastructure was up to the task. But CloudFlare, which provides speeded-up access to Web sites through the cloud, has come out with an alternative solution: Keyless SSL that keeps sites secure without the need for organizations to share their private SSL keys with third-party service providers.

"Private clouds are an oxymoron," CloudFlare CEO Matthew Prince said in a blog post on his company's site Thursday. With Keyless SSL, however, he said organizations can take advantage of the cloud's flexibility "without having to turn over their most guarded secrets: their private SSL keys."

SSL keys are cryptographic keys used to authenticate the identity of someone communicating with another party online. They enable data exchanged between the parties to be encrypted before sending and decrypted upon receipt so communications can be handled securely. Because they don't want to share their private SSL keys with third parties, privacy-minded businesses like banks have had to provide this level of security using their own in-house hardware and software. This makes it harder to scale up network services in times of high demand, something that cloud-based services are designed to do.

In Private Beta for Six Months

We reached out to Prince to learn more about the new Keyless SSL offering.

"We've had the technology in private beta for six months now," Prince told us by e-mail. "Most (of) the organizations using it are large financial institutions who have asked us not to disclose their identity. However, Goldman Sachs has allowed us to reveal that they worked with us on developing the technology and are one of our beta users."

He added: "Keyless SSL is designed to allow companies that had previously needed to use on-premise hardware to now get the infinite scalability and infinite elasticity of a cloud service. The primary competitor to the technology is hardware you install yourself to perform firewall, load balancing, performance optimization, and other functionality. Unfortunately, that on-premise software suffers from limitations when organizations need it to scale."

CloudFlare can get a client "up and running on Keyless SSL within hours in most cases," Prince said. The service is enabled by "installing a small agent somewhere on their infrastructure."

The agent allows users to establish secure connections in the cloud while keeping their private SSL keys in house and separate from the cloud-based servers delivering content.

This article has been extracted from, please click on this link to read the article in full

Montash is a multi-award winning, global technology recruitment firm. Specialising in permanent and contract positions across mid-senior appointments which cover a wide range of industry sectors and IT functions, including:

ERP, BI & Data, Information Security, IT Architecture & Strategy, Energy Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.

With offices based in London, Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid-management in permanent and contract roles.

comments powered by Disqus

Social Stream

Latest News


SAP announces partnership with STC

2016-10-25 10:00:00 +0100

One of the world’s leading providers of enterprise resource planning (ERP) solutions, SAP, has revealed that it is partnering with STC Advanced Solutions to offer both private and public sector organisations more empowerment. The two firms will be working alongside one another to provide cloud-based subscription services to firms of all sizes. This will help to deliver better information communication technology (ICT) across the Kingdom of Saudi Arabia....


Humans remain largest security flaw in cloud ...

2016-10-21 14:00:00 +0100

With a vast number of companies moving some, if not all, of their operations to the cloud, security continues to be of major concern. Whilst there are numerous patches and firewalls to safeguard defences, it has been highlighted that the most difficult area to protect against is human interaction. This is the view of Jamie Woodruff, a penetration tester and ethical hacker. Woodruff’s views come after he was contracted to conduct a penetration test in or...