Werner Enterprises has been hauling cargo across North America since it purchased its first truck in 1956. Since then, the company has grown into one of the USA’s largest truckload cargo carriers. Today, it is at the center of a connected alliance of world-class supply chain solutions.
The company uses best-in-class technology to improve its services, and its internal applications are central to that business strategy, providing Werner customers with optimized freight management services and its resources on the road with 24/7 access to trip details, load statuses, and reference documentation.
Due to the size and geographical diversity of its workforce, as well as its widespread use of email for internal and customer communications, Werner had concerns about phishing — the use of socially engineered emails to extract sensitive information from unsuspecting employees. With email-borne threats increasing in both frequency and sophistication, the company’s previous email security system wasn’t keeping up.
“Nine out of ten security breaches begin with a phish — so every malicious email that hits a user's inbox is a threat to our business,” explains Michael Perdunn, Director of Cyber Security at Werner Enterprises. “As a critical US infrastructure provider, we are always one click away from being compromised. Without a strong email security posture, potential attackers can target our employees to gain a foothold within the company.”
In addition to its email security concerns, Werner was also systematically migrating its legacy on-premise applications to the cloud so its North American resources could work free of the limitations of a traditional VPN.
Maintaining the availability of these core systems during the transition to the cloud was critical, as was protecting its customers’ commercial history and its employees' personally identifiable information (PII). The company was also looking to minimize tool sprawl and reduce the complexity of managing multiple vendor security solutions.
“We are modernizing our entire technology stack from the ground up. We're building a scalable cloud- and API-based system,” explains Danny Lilley, Werner Enterprises Vice President and Chief Technical Officer.
“During COVID-19, we realized it made no sense to bring everything back on site via our VPN,” adds Perdunn. “Instead, we wanted a unified set of tools that would take us into the cloud to mitigate threats, improve performance, and provide our clients and users with the same security they would have if they were actually in the building.”
The Werner security engineering team turned to Cloudflare. With Area 1, the company secured its Microsoft 365 inboxes, improved protection for its mobile and roaming users, and implemented a more proactive approach to email security. As an integrated cloud email security solution, Area 1 uses AI, machine learning, and computer vision technologies to provide comprehensive, effective phishing protection.
Area 1 preemptively scans the Internet for attacker infrastructures. It identifies the sources and delivery mechanisms of phishing and business email compromise (BEC) attacks before they can launch. Area 1 security also provides end-to-end inbox protection against malicious URLs and payloads like malware or ransomware that can bring down networks.
Because it is cloud-native and offers multiple deployment options that integrate neatly into any enterprise email solution, Area 1 satisfied the Werner Security engineering team’s ease of use requirement with near-instantaneous deployment.
“Many solutions make promises about their capabilities, but Cloudflare Area 1 really was easy to use and implement,” says Perdunn. “We very quickly got it running, integrated, and had the false positives worked out so we could begin protecting our users.”
Area 1 also met Werner’s functional requirements by delivering clear business results for threat detection, security controls, and reporting. In the first 2-weeks, Cloudflare Area 1 identified 1,700 threatening emails that Werner’s previous email security solution missed.
“The metrics we get from Area 1 are fantastic. Where it really performs, though, is in the volume of threats it detects. Since we implemented Area 1 we have seen a 50% reduction in the number of malicious or suspicious emails our users receive every day. That frees up multiple hours we can reinvest into other goals,” adds Perdunn, referring to strategic initiatives like researching the company’s zero trust roadmap, further securing its technology stacks, and collaborating with technology partners to bring new value to the business.
To ensure security and uptime for its mix of legacy applications and on-premises hardware with its new cloud-based applications and servers, the Werner security and engineering teams also adopted Cloudflare Magic Transit and Magic Firewall.
In addition to securing Werner’s internal and external networks with the best-in-class Cloudflare network firewall and DDoS mitigation, Magic Transit and Magic Firewall give the Werner engineering team granular control over its traffic. From the Cloudflare dashboard, the Werner teams can easily balance system performance and security, and provide consistent offsite availability, while reining in overheads associated with operating in the cloud.
“Magic Transit manages our connection to Azure and maintains the flow of information between our users, cloud tenants, and the systems we have on-premise. With Cloudflare we have complete control of our data centers and everything we move out to our cloud providers flows as effectively and efficiently as possible,” says Perdunn. “Everything critical to our organization is always available and running as it should.”
Because both Area 1 and Magic Transit are a part of the consolidated Cloudflare solution, Werner has also reduced the complexity of maintaining and upgrading its network infrastructure while gaining greater insight into its own data.
“Cloudflare helps my teams get at the data and the truth without having to pivot between tools,” says Perdunn. “By consolidating our security under Cloudflare, we can automate and move much faster than a potential attacker. It is that ease-of-use, security, tight integration, and Cloudflare reliability that multiplies the efficiency of my security teams and delivers the most business value.”
Reflecting on the impact Magic Transit has had on the Werner infrastructure, Lilley adds, “As we roll out Cloudflare and consolidate into a single platform, our security stack is stronger than ever before.”
Cloudflare has helped to accelerate Werner’s migration to the cloud, improved its application security, and protect its users and networks from malicious emails. Ultimately, however, it is the two companies' similar culture and shared focus on innovation that has Werner investigating Cloudflare Zero Trust and planning to integrate additional Cloudflare services as part of its roadmap for 2023.
“Cloudflare understands what we do and where we are on our journey. It is one of our core providers because we need a vendor that provides solutions as quickly as we encounter new challenges,” says Perdunn. “As we continue to grow through acquisition, we plan to extend the Cloudflare security umbrella throughout our entire organization.”
“We're trying to use a single vendor as much as possible, and so far we've liked everything Cloudflare has sent our way. Cloudflare cares about its customers, about us — it just feels like a good fit,” adds Mahon.
Reduced malicious emails in user inboxes by more than 50%
Cut manual email triage efforts by several hours per day, allowing teams to reinvest their efforts into strategic business goals
Migrated core legacy services to the cloud without critical business or customer service interruptions
Consolidated to a single-vendor, single-interface solution that reduces system complexity, facilitates automation, and improves data visibility
“We're trying to just use a single vendor as much as possible, and so far we've liked everything Cloudflare has sent our way. Cloudflare cares about its customers, about us — it just feels like a good fit.”
Executive Vice President and Chief Information Officer
“As we roll out Cloudflare and consolidate into a single platform, our security stack is stronger than ever before.”
Vice President and Chief Technical Officer