How Holtmeyer & Monson Keeps its Remote Team Secure with Cloudflare Gateway

Cyber attacks are a threat to any business — but when you’re working with the vast sums of money involved in the financial services industry, the risks become much higher.

Holtmeyer & Monson (H&M) is a lending services provider that assists community banks in providing and managing Small Business Association (SBA) and U.S. Department of Agriculture (USDA) loans. With over 400 institutions across the United States as clients — which themselves deliver banking services to millions of customers — Holtmeyer & Monson is responsible for a high volume of assets that makes them a tempting target for malicious actors.

What makes Holtmeyer & Monson’s situation highly relevant to many businesses today is that its team has always been distributed. Stephen Webb, H&M’s director of IT, explains how he thinks about his team’s security posture in a world where legacy approaches don’t fit, while meeting the strict regulatory requirements of the financial industry.

“Our whole team is remote, working from home offices. We don’t have a server room with hardware firewall appliances, and it wouldn’t really make sense to have one. So I’m always looking for ways to keep our team more secure and harden their connections, wherever they are.”

The Cloudflare Solution

Previously H&M had considered legacy firewall appliances to meet these needs, but any implementation would have been cumbersome (or impossible) given their geographically-distributed team, and threat detection would have been based on static models unfamiliar with the latest attacks. The team subsequently adopted a cloud-based firewall that provided some benefit — but when they saw Cloudflare Gateway, they immediately understood the advantage of leveraging Cloudflare’s network to enhance the company's security.

Cloudflare Gateway provides network filtering at the DNS level, allowing you to monitor Internet-bound DNS queries passing through your network, proactively blocking malicious attacks and phishing attempts. That means that a system administrator can rest easier, knowing that even if a member of the team inadvertently clicks on the wrong link — Cloudflare Gateway will ensure that the linked domain is deactivated.


“Our team is super vigilant, but I can’t leave it all up to them. We need to have tools to supplement and ensure the safety and security of our network. Our previous security solution allowed us to set up blocklists to block malicious attacks — but hearing about a malicious domain is like getting stock tips from The New York Times. It’s too late to be useful.

With Cloudflare, I know that we’re getting protection from the latest emerging attacks, because of the scale of its network and the number of attacks it can derive insights from — it has that intelligence first.”
- Stephen Webb
Director of IT, Holtmeyer & Monson

How Holtmeyer & Monson Keeps its Remote Team Secure with Cloudflare Gateway
Related Products
Key Results

• Holtmeyer & Monson (H&M) is an SBA/USDA lending services provider that must ensure rigorous compliance with government-guaranteed lending regulations — and its team is 100% remote.

• Cloudflare Gateway provides best-in-class DNS filtering, allowing H&M to proactively thwart phishing attempts and malicious traffic.

• Cloudflare Gateway’s security protection is automatically updated to block the latest security threats, using insights from Cloudflare’s global network. And it is built to support distributed teams.

With Cloudflare, I know that we’re getting protection from the latest emerging attacks, because of the scale of its network and the number of attacks it can derive insights from — it has that intelligence first.

Stephen Webb
Director of IT, Holtmeyer & Monson

I really appreciate all of Cloudflare’s offerings. You’re making a lot of things possible that were not even on the horizon just a few years ago, which is transforming the Internet as we know it — and it’s really exciting to be a part of that.

Stephen Webb
Director of IT, Holtmeyer & Monson