Cloudflare CEO: Why mixing cloud services makes for better overall performance

A graphic image of a cloud set in a digital background.
(Image credit: Shutterstock/ZinetroN)

At the very start of internet infrastructure company Cloudflare were three individuals that realized that the cloud had taken what enterprises used to buy as box software from companies like Microsoft, and provided it as a service.

Co-founded in 2009 by Matthew Prince, Michelle Zatlyn (who is still president and COO), and Lee Holloway, Cloudflare has today evolved into an all-round IT service management company that boasts nearly a third of the Fortune 500 as customers, with 18 of the 20 largest companies on Earth relying on its network. 

TechRadar Pro spoke exclusively with Prince, now CEO of Cloudflare, to examine the company's journey, growth trajectory, and everything in between. 

Cloudflare’s early days 

Back in 2008, a year before Cloudflare launched, Prince reminisces that inasmuch as the software service space was transforming, the same thing was happening for the server space. Therefore, instead of buying a piece of hardware from Dell, HP or Lenovo, for example, this period signalled the launch and beginnings of explosive growth for AWS, Microsoft Azure, and Google Cloud.

“As we looked at it, it seemed inevitable that the same thing was going to happen to the network and network security space,” Prince says. “Who would build the firewall in the cloud, who would build the next generation load balancer in the cloud, who would build the next generation WAN optimizer in the cloud, and take that on. That was the opportunity that we saw.” 

“We initially had a chicken and egg problem - we knew that in order for the company to be successful, we would not need to sell to very large enterprises and IT buyers, and we've done that. However, in the early days, we knew that in order to build the models to stop the security threats that those companies today rely on, we needed to have traffic and data. But in order to get traffic and data, we needed to have customers, and that created the chicken and egg problem, which we solved by initially having a very free and very cheap version of our service.”

Homepage of CloudFlare website on the display of PC, url - CloudFlare.com.

(Image credit: Shutterstock/Sharaf Maksumov)

Prince and his team initially thought only a few small businesses and developers would sign up, but somewhat surprisingly, he admits Cloudflare quickly attracted a group of large organizations that didn't have big budgets, but had really big security problems. They ranged from human rights organizations to organizations that were in the Civil Society space. 

“In the early days of Cloudflare, a ton of our customers were people who were doing humanitarian work in war torn parts of the world, and were covering human rights abuses in various places,” he recalls.

“I remember very clearly a meeting with these three African journalists; one was from Angola, one was from Ethiopia, and the third, they wouldn't tell us his name or where he was from, because he was being hunted by death squads. It was the first time I've been in a meeting that used the term death squads, and this was back in 2011 or 2012. They all told me that they can’t do their job, which is largely covering government and large corporate corruption in their home countries without Cloudflare, because people are always trying to knock them offline and they don’t have the budget to buy big and expensive solutions."

“I also remember when the Hong Kong democracy movement, back in 2014, asked if they could use us, and we somewhat naively said yes. And there’s a fairly large country that starts with a “C” and ends with an “A” and isn’t Colombia, Cuba, Costa Rica, or Canada, that really did not want the Hong Kong democracy movement to be online. Therefore, the fact that we were the thing that kept them online, gave us the experience and data to be able to stand up to challenges that our biggest corporate customers face today.”

All of this was used as fuel for the building of the company at its early stages, as Cloudflare utilized this demand to scale up all aspects of the business from cloud cybersecurity to DDoS mitigation, through both extensive product development and acquisitions.

The competition  

When discussing the competition, Prince identifies AWS in some areas, predicting that over time, both companies will end up competing even more.

“We really approach the problem very differently than Amazon or any of the big public clouds. They start with the database or the storage layer, and they're working their way out, whereas we start with the network, and we're sort of working our way in,” he says.

“That's important because it changes your overall philosophy on what success looks like. If you're a database, then success is all of the data being on you. Therefore, the strategy of Amazon and Google and Microsoft, is to make sure everything runs on their platform."

“They have tried to make the world such that you make a decision at your company on which of those three platforms you use, and then you're stuck on that platform for the long term. Customers hate that. The biggest objection that the big hyperscale public clouds have is that sort of all or nothing decision. Companies want to be able to pick and choose; use a few Amazon services, a few Google services, a few Microsoft services, and a few services from some new startups and stitch those all together.”

Prince goes on to explain that because Cloudflare started with the idea of a network that connects things, it hasn’t been the most strenuous task trying to remain an independent and neutral party.

“We can sit between all of the big hyperscale public clouds and let the customers know that they can use a little bit of all these different services,” he notes.

“In terms of doing something that moves up the stack, with website builders or services of that nature, we're very much a picks and shovels company, and we live pretty far down in the stack and so something like Pages, we're starting to play the role of a web hosting provider."

“But we would much rather other people build the tools with how they can help people build great services on top of us. Customers such as Shopify are really good at building the storefronts, handling payment processes, helping with shipping, and we are really good at handling the network.”

blocked web page icon on a computer screen

(Image credit: Shutterstock/Thomas Holt)

The elephant in the room 

In September 2022, Cloudflare made the decision to block troll site Kiwi Farms, reversing an earlier stance, which resulted in headlines across the world.

“The reason why that story is a big deal is because for us, it’s fairly rare. If I look back over the 12 years of our life, we've had three times where we've made a decision to take content down, which was not necessarily illegal, but was just gross in one way or another. That contrasts with what big tech platforms like Facebook, YouTube or Twitter have to do all the time,” explains Prince.

This begs the question, then, where in the stack does Cloudflare exist?

Prince says the way he tends to think about this is that, probably about one out of every 10 things that you're tempted to post online, you self-censor yourself from posting, because as an individual, we all always have some bad ideas. 

“If you're a platform, like a Facebook, or a Google, it's probably one out of every 10,000 posts that they're taking down, and that’s the closest to the individual,” he adds.

“If you go a layer below that it would be the web hosting providers. If you looked at GoDaddy or even AWS, they might take down one out of every million customers that are posting something online. And then we, as a network provider, sit below that, so it would be one out of every 100 million things that might be controversial. 

“The vast majority of the time for us, if we take something offline (and we take them offline all the time), but we do it following the laws of the countries that we operate in.” 

Therefore, if a piece of content is illegal in Germany, then Cloudflare takes the site that has that content offline in Germany. There’s also certain content that is illegal everywhere around the world, such as child pornography and terrorist content. 

“Those are the easy cases,” Prince explains. “The tough cases are these cases where you have something like Kiwi Farms where the law maybe hasn't caught up to yet, although I think you're going to see that change pretty dramatically. And even in the Kiwi Farms case, you'll see law enforcement action. 

“We're fortunate because we are not like one of the big tech platforms and that this isn't something that comes up all the time, and because it is fairly rare, we think it's important to be very transparent, and talk about it extensively, when it does come up.”

A representative abstraction of artificial intelligence

(Image credit: Shutterstock / vs148)

The future is AI 

There are hardly any IT services right now  that are either implementing open AI into their framework, or are actively thinking about it.

Cloudflare is no different, having been using AI and machine learning since its earliest days in order to identify security threats and stop attacks.

“It's incredible what open AI has done in order to build some of the tools that are out there, and consumers can see that now with tools like open AI and ChatGPT,” says Prince as we discussed the future of the digital sector.

Echoing this sentiment, Colin Redbond, SVP Product, SS&C Blue Prism separately told TechRadar Pro that the world is already seeing increased collaboration between human and digital workers, who are working in tandem with one another to streamline business processes and maximize operations efficiency. 

“Advancements in conversational AI will revolutionize how humans interact with their digital colleagues and will increase adoption of automation over time,” he adds.

“There is huge potential in ChatGPT, but there are limitations - it is trained based on vast amounts of data from the internet and therefore organizations will need to ensure they have appropriate controls and governance in place if using it within critical systems or processes.”

And in the same way that platforms  such as ChatGPT have improved significantly over the last few years, things like bot detection, firewall services, and security services have all had similar levels of improvement too.

Functionality of CAPTCHAs 

CAPTCHAs have long been used to keep Internet bots at bay, but have also been criticized for offering a poor user experience, lack of accessibility for users who are visually impaired, and have been criticized for posing potential cultural biases. 

“We created Cloudflare Turnstile as a smart alternative to CAPTCHA, providing the same level of security without the frustrating user experience. Turnstile automatically uses in-browser detections and challenges based on characteristics of the visitor, and in over 90% of cases, avoids showing the visual challenges like “click the stop signs” or “identify all images with boats” that we’ve become used to,” he explains.

“For example, we built Private Access Tokens directly into Turnstile by working with Apple, allowing us to minimize data collection by asking Apple to validate the device for us. Turnstile never looks for cookies or uses cookies to collect or store information of any kind.”

Prince mentions the reality is that because the Turnstile tool is free, businesses must also give up their data to use them, so there’s an inherent lack of privacy built into the service.

Cloud computing concept represented by a server room, with a cloud representation hologram concept.

(Image credit: Shutterstock/Virgiliu Obada)

Room for innovation  

The cloud is undoubtedly essential to modern business, so any friction to using it hinders innovation. High prices, particularly bandwidth-egress fees, limit how businesses use cloud computing or move data to and from different cloud vendors. 

“When cloud storage first evolved it was a huge step forwards towards supporting scalable storage solutions for businesses of all sizes, but the strain of bandwidth pricing (in an effort to maintain a competitive edge) restricts businesses and the rate at which they can innovate,” Prince concludes.

“Egress fees result in vendor lock-in, because the bill for moving data can get out of control when your applications are spread between various SaaS services and cloud providers. When a business is too locked in to choose the right cloud solutions for its needs, it misses out on the promise of the cloud. 

“It loses the freedom of choice in selecting services to suit its business needs and the potential to negotiate prices with the selected provider. This just doesn’t align with the original concept of an open internet where data can flow freely.”

Businesses deserve choice and fair pricing, and with so many options out there, the message is clear - individuals or enterprises should not need to be locked in one overpriced software service or network provider.

Abigail Opiah
B2B Editor - Web hosting & Website builders

Abigail is a B2B Editor that specializes in web hosting and website builder news, features and reviews at TechRadar Pro. She has been a B2B journalist for more than five years covering a wide range of topics in the technology sector from colocation and cloud to data centers and telecommunications. As a B2B web hosting and website builder editor, Abigail also writes how-to guides and deals for the sector, keeping up to date with the latest trends in the hosting industry. Abigail is also extremely keen on commissioning contributed content from experts in the web hosting and website builder field.