Zero Trust is more than a buzzword. It is a mindset. What was the hardest part about shifting your organization to a Zero Trust architecture? #CloudflareChat
I’d say the toughest part is really the mindset shift, moving people away from "trust by default" isn’t easy. It takes time, awareness, and consistency to make Zero Trust stick across the organization.
Getting developers to stop hardcoding service-to-service trust was the worst part for us. Everyone understood the theory but kept adding exceptions because "this internal service doesn't need auth". Took about 3 months of broken builds before mTLS between services stopped being optional.
These kinds of discussions are valuable because internet performance is rarely about one bottleneck. It’s usually the result of small optimizations across networking, observability, and edge delivery working together
As they were into Multi-OS ecosystem.
Been a great discovery for us at Archevi.
Our organization does not even trust Cloudfla, but they provide a great and competitive service.
In practice, the hardest shift in Zero Trust tends to be cultural rather than technical, especially moving from perimeter-based assumptions to continuous verification across every access decision.