Challenge

With core team members all over the globe, Klever Exchange has a truly modern workforce that’s 100% remote and cloud-native. This created unique challenges around providing employees with a stable, reliable option to access the resources necessary to do their jobs. Because Klever is also entirely BYOD, they needed to be able to secure these resources whether a developer was connecting to the cloud from their home or a new location. 

However, improving the developer experience was only part of the puzzle. Because Klever is a cloud-based cryptocurrency trading platform, they also had to consider the security of the blockchain itself and any risks it could pose to Klever when enhancing its security stack. “There’s security, and then there’s security in the blockchain industry,” said Vinicius Lima de Oliveira, Cyber Security Consultant at Klever. “Security here is above everything.” 

The team at Klever knew that legacy approaches to network security would not provide the performance and security they needed. “VPNs were created for on-premise infrastructure,” said Lima de Oliviera. “Most of the solutions in the market nowadays are on-premise-based solutions.” Instead, they decided to move to a Zero Trust security model.

Solution

For Klever, the appeal of a Zero Trust model was that the strictest security standards are applied to all company layers rather than just a perimeter, and granular access controls limit employees to just the resources needed to do their jobs. “The Zero Trust model is something that everyone should follow,” said Lima de Oliviera.

The solution they chose also needed to be performant. It was critical that Klever’s new remote access product would not hinder the work of their globally distributed DevOps and Ops teams. The ideal solution would be extremely secure, easy to deploy, and performant for end users, allowing developers the freedom to do their work more securely without being bogged down by latency, slow speeds, or connection issues.

Klever evaluated a variety of Zero Trust and SASE solutions, but they found a mix of things that didn’t quite work for them:

• Expensive solutions with overly complex functionality 

• Hidden costs in the management console of the solution

• Heavy configuration and administrative overhead

Results

After evaluating a number of solutions, the team at Klever decided on Twingate’s Zero Trust Network Access solution. Twingate’s unique approach to network architecture establishes direct peer-to-peer connections to protected resources, with each request verified before it ever leaves the device. 

These peer-to-peer connections make remote access lightning fast for end users, keeping pace with the speed of Klever’s developers without sacrificing security. In fact, unlike perimeter-based network security models, Twingate prevents lateral network traffic and reduces Klever’s cyberattack surface by sitting behind their firewall, no exposed or open ports needed.

With Twingate’s fine-grained access policies based on user, location, and device, the team at Klever was easily able to implement least privilege access while improving productivity for admins. Before Twingate, it took five-to-six manual steps to provision or deprovision access for each individual user. Because of Twingate’s out-of-the-box integrations with all major identity providers, the Klever team was able to reduce time spent provisioning users by over 90 percent.

Lima de Oliviera and the team at Klever also found more than just a performant product with Twingate. “Some people say, ‘You bought the product, we made our profit, you’re on your own now.’” said Lima de Oliviera. “And Twingate does exactly the opposite.” Fast support, open and direct channels for communication, and extensive opportunities for his team to provide feedback made Klever’s post-sale experience with Twingate stand out. “You guys are always engaged,” said Lima de Oliviera. “This is what makes a partnership last.”