Join today’s leading executives online at the Data Summit on March 9th. Register here.
Today, IaaS platform provider BastionZero announced it had raised $6 million in seed funding to enhance its zero-trust remote access solution for cloud engineering teams and accelerate the rollout of a self-serve model.
BastionZero’s platform automatically discovers infrastructure targets in the environment and provides users with a mechanism for zero-trust access.
For instance, an administrator can determine what infrastructure a user can log into based on their role or user account, eliminating the need for passwords, while access logs monitor the commands users run on a target.
The organization’s approach enables enterprises to offer backend and cloud engineering teams secure remote access to the infrastructure they use to build and host software, including everything from servers to databases, Kubernetes clusters, and internal web applications.
Zero trust remote access
The announcement comes as concerns over user access to the cloud have increased, with the U.S. government releasing a memo at the start of this year stating that “in the current threat environment, the Federal Government can no longer depend on conventional perimeter-base defenses to protect critical systems and data.”
Instead, the federal government announced the need to move to a zero trust model where “no actor, system, network or service operating outside or within the security perimeter is trusted.”
At this stage, few enterprises are doing enough to prevent unauthorized access to key data resources, with 71% of cloud accounts not using software or hardware based multifactor authentication and 56% not periodically rotating access keys.
Many enterprises security measures are lax because it’s very difficult to offer zero-trust access to users in remote environments, due to the need to continually authenticate and approve access.
However, BastionZero is aiming to address this problem by offering a scalable remote access solution that automatically discovers target infrastructure and offers users instant passwordless authentication they can use to access key resources.
“Every cloud development team needs some way to access their infrastructure, in a scalable and secure manner. And usually, they’ve built up some kind of system themselves, which comes with high security risks and bothersome operational costs. What we’ve built at BastionZero is a cloud service that simplifies zero-trust access to infrastructure, using a modern security architecture approach based on multiple roots of trust. We believe that we’re part of a new security product category that will displace VPNs, bastion hosts, and privilege access management (PAM) tools,” said CEO Sharon Goldberg.
Offering developer-centric secure remote access
BastionZero is part of the global remote access software market, valued at nearly $1.6 billion in 2019, which researchers estimate will reach a total market size of $3.839 billion in 2025 as more organizations invest in technologies to enable employees to securely access remote computers, servers, and networks.
Today, VPNs are one of the key solutions that organizations rely on to secure user access to sensitive data.
One such provider is Cisco with Cisco AnyConnect, an enterprise-grade VPN that enables remote workers to access resources with multi-factor authentication, which contributed to Cisco’s wider revenue of $49.8 billion in 2021.
Another competitor is Fortinet with FortiClient, a secure remote access solution that uses zero-trust principles to authenticate user access, which announced total revenue of $3.34 billion in 2021.
While other providers like Fortinet are looking to use zero-trust principles to manage user access, BastionZero is aiming to differentiate itself by designing a solution that’s designed specifically for developers and engineers, so they can securely access target systems.
As Deepak Jeevan Kumar of Dell Technologies Capital said, BastionZero offers a “more robust and agile security model than anything that is currently on the market. It’s the future of remote access for developers and cloud ops.”