Traders Club uses Pomerium to provide a VPN alternative, implement layered Identity and Access Management, and ensure compliance to privacy laws.

Traders Club was evaluating various Cloud Access Security Broker (CASB) solutions while looking for an identity-aware proxy to help them authenticate with Google’s Identity Provider (IdP). Traders Club wanted more controlled access to their internal applications, and they needed a tool they could deploy on their own. Their management wanted to improve their security posture without introducing additional resource drain.

With those criteria in mind, the security team chose Pomerium after evaluating various solutions.

Centralized Access Control

Central auditing with a unified logging system enables easy compliance with LGPD, Brazil’s equivalent to GDPR.

Authenticates Identity Providers

Because Pomerium is built with identity and context-driven access in mind, Traders Club can easily authenticate user sessions based on their identity (provided by Google) and provide the correct level of access.

Visibility

After switching to Pomerium, Traders Club now has better logging and auditing capabilities that gives them insight into how their infrastructure and network is being accessed.

Lucas Cioffi
Head of Information Security and IT
“Pomerium is great because it’s completely zero trust. I hate this buzzword but it’s true for Pomerium. It’s completely zero trust.”

Company Background

Traders Club is a free terminal for Brazil’s investor community for financial and cryptocurrency markets, with complete information and rich analysis on the stock exchange. Additionally, it acts as a social network for companies and individual investors to exchange ideas and push investment strategies by participating in various public or private debate channels.

Traders Club’s Challenges

From the beginning we said look: we have a very mobile and remote workforce, so it doesn’t make sense to have a traditional security architecture where everything is in your office or data center for VPN users to access. That doesn’t make sense because only a minority of people are actually in the office – so we said we’d go cloud-first, cloud-native.

Lucas Cioffi, Head of Information Security and IT at Traders Club Brasil

When Traders Club made the decision to be cloud-first and cloud-native, they immediately determined that a traditional access control architecture such as a VPN was inadequate for their needs. They required Identity and Access Management (IAM) to implement access control for a remote workforce and gain visibility into their infrastructure. The COVID-19 pandemic only hastened their need to provide a secure avenue for hassle-free access to remote users.

After passing on VeraCloud and Cloudflare Access, they chose to use Pomerium. Contributing to their decision was Pomerium’s capabilities in providing access control for user profiles, logging and monitoring their corporate network, and giving their users an alternative to the frustrating VPN experience.

Securing Access in Finance

Traders Club is a financial social media platform offering services such as curated news, research, and investment chats through its app to 470,000 traders. With so much money riding on access to trusted financial data and information, Traders Club had a duty to secure their infrastructure against bad actors that may look to muddle the landscape. The security team needed a centralized access management solution that could easily integrate into their existing infrastructure while scaling according to their future needs — and that solution was Pomerium.

Centralized Access Management

Pomerium saves review time for us because we don’t have to check VPN profiles whenever a user is leaving. It simplifies a lot of things.

Lucas Cioffi

While Traders Club’s management was particularly excited to use Pomerium’s monitoring and logging for stronger auditing capabilities and meeting compliance mandates, the security team was drawn to Pomerium’s ability to provide fine grain control over the centralized access proxy. This significantly reduces the burden of access management when they can easily disable a leaving user’s access through removing them from group membership or dropping them from the identity provider.

Remote Access Solution

Ease of use is important, because users don’t have to install the VPN anymore. It’s a mess, right? When you’re working with users and anything takes more than three steps, it’s a mess.

Lucas Cioffi

The security team always knew the problem: VPNs were a horrible user experience, but there was no good solution. Pomerium’s context-aware access provides a strong alternative to complement the perimeter-based VPN security model with a zero trust-based one. Even better, it wasn’t a rip-and-replace solution so users accustomed to using the VPN can be gradually on-boarded onto the Pomerium process without needlessly disrupting their workflow.

Retaining Control Over Data

Control over where their data lives and the latency when accessing it is always a concern. In fact, Traders Club says that the ability to deploy Pomerium as a proxy at edge according to their needs is one of its strongest capabilities. They want to ensure that any sensitive data or resources are wholly under their own control and not entrusted to a third party to manage.

Looking Ahead

Traders Club is confident that they can secure all their applications behind Pomerium. Their security team is excited about the dynamic where Pomerium secures their infrastructure while improving the user access experience. 

There are internal applications coming out of the oven and we’re saying: we’re going to put this into Pomerium. It’s going to work fine.

Lucas Cioffi

Companies have traditionally struggled with finding a nice balance between security and productivity. But Lucas notes that this isn’t the case with Pomerium.

We can say to the developer teams: Yeah, you don’t need to worry about this, we got you covered, it’s fine. We’re actually saving them work — something that’s unheard of for a security team.

Lucas Cioffi

To learn how your company can also benefit from deploying Pomerium on your infrastructure, get started here.

Traders Club is a free terminal for Brazil’s investor community for financial and cryptocurrency markets.

Infrastructure
Kubernetes, Google GKE
Platform
Google Cloud Platform
Database
MySQL

Sign up to be notified of new features and product updates

Get Started