Better security does more than stop threats. It also simplifies and accelerates business and IT processes, allowing your company to transform as needed to thrive and grow. For many of our customers, the decision to go with Zscaler does exactly that, and makes it easier and faster to kickstart their zero trust journey. Below is just one example.
In the past few years, this manufacturing company has grown organically and via acquisition, extending its presence in Canada and the US and expanding into Europe. To provide its growing user base with access to the internet and SaaS applications, internal applications, and network services, the company realized that the traditional hub-and-spoke security model just wasn’t agile or secure enough as it exposed a large attack surface, was complex to operate, and posed several other challenges.
The traditional security model, with an external shell and trusted perimeter (firewalls and VPNs), provides a certain level of security, but a zero trust architecture, like the Zscaler Zero Trust Exchange, provides a much deeper defense. By trusting nothing and authenticating at the application level rather than the network, you segment and distribute the risk, dramatically shrinking the available attack surface and the lateral movement of threats.
But before they even began considering a shift of our security paradigm to zero trust, they were just searching for a better solution for web filtering. As they implemented the first Zero Trust Exchange solution to address this need, and then expanded to enable secure remote access, they found themselves simplifying and accelerating processes—and reaping significant benefits, including paving the way for a zero trust transformation.
Let me explain.
Streamlining web filtering and security event monitoring
Initially, the company implemented Zscaler Internet Access (ZIA) because they wanted a cloud-native security service edge (SSE) solution to filter web traffic and safeguard internet access across more than 70 locations globally. One big reason they went with ZIA was its ability to seamlessly decrypt 100% of SSL traffic since, in their experience, almost all the incoming traffic on our network these days is encrypted.
With ZIA providing safe, fast internet and SaaS access and centralizing several million internet security event logs per day, it reduced their monitoring overhead significantly while simultaneously boosting their threat protection. As their company has grown, so has the traffic on their network. Last year traffic increased by 24% to 127.2 terabytes, and 93% of that was encrypted. During that year, the Zscaler solution:
- Filtered approximately 3.5 billion events.
- Prevented more than 745,200 policy violations.
- Blocked more than 37,000 security threats, including 5,490 hidden in encrypted traffic.
Every day, ZIA automatically prevents users’ attempts to access malicious websites, follow phishing links, or engage in other risky behavior. All that threat prevention translates to less work for the security team and service desk.
Simplifying remote access security management and remote users’ experience
Next, the company decided to migrate away from VPNs, which they found extremely cumbersome and time consuming to administer, with tokens that were hard to maintain and provide. VPNs also pinned users to a particular ingress and egress point, depending on their points of presence, so any user movement meant more work on their part. In addition, they felt that the increase in remote code execution vulnerabilities in popular VPN products presented an unacceptable level of risk.
They opted instead to deploy Zscaler Private Access (ZPA) for secure, remote access to internal apps and services. ZPA simplified remote access management tremendously compared to VPNs. ZPA depends neither on hardware nor location. They don’t have any hardware to maintain and Zscaler manages all the remote points of presence via its 150 data centers, thereby slashing our administrative overhead and giving users the closest point of access to our infrastructure through the Zscaler cloud. With ZPA, remote users can access what they need to do their jobs much more easily and faster than before.
In addition, going with ZPA made their job even easier since they had already deployed ZIA. ZIA and ZPA are both part of the Zscaler Zero Trust Exchange platform and share the same agent. Since remote users’ devices already had the Zscaler agent installed, they didn’t even have to push out a new agent.
Expediting post-acquisition onboarding by months
By providing rapid access to internal applications and services, ZPA also dramatically simplified and sped up onboarding of employees from newly acquired companies. With the company’s most recent acquisition, it would normally have taken weeks, if not months, of planning and complicated network architecture discussions—not to mention reimaging of hundreds of workstations—to reach the point where they could grant these new employees access to their apps. With ZPA, they resolved the issues at the policy level in just hours, enabling their new employees to be much more productive weeks, or even months, sooner.
In addition, with a zero trust architecture, they dramatically reduced risk with respect to mergers and acquisitions (M&A). According to McKinsey & Company, 51% of M&A dealmakers cite cyber risk as the top transaction risk. ZPA prevents infected devices from exploiting applications and resources but also grants each new authorized user access only to the applications and resources that person needs. So, threat exposure is minimized from acquired entities on day one.
Fast-tracking the zero trust transformation process
The Zscaler team collaborated with the company and supported them extremely well from the beginning. For example, when COVID-19 hit, Zscaler helped them transition their entire workforce to the work-from-anywhere paradigm within just a few weeks. They have told us that they could not have achieved the results that they did as rapidly and smoothly without Zscaler technology, guidance, and support.
This company went from being a company that just wanted better internet filtering to one that is transforming its entire security strategy toward zero trust. Today they’re only at the beginning of their zero trust journey, but, continuing to partner with Zscaler, their goal is to employ zero trust across their estate, allowing employees to have a secure, seamless experience from any device, anywhere.
To learn more, I invite you to check out our customer success stories library to learn how other companies are partnering with Zscaler to simplify and accelerate their zero trust journeys.