Confidence through compliance
Zscaler adheres to rigorous security, availability and privacy standards, so that customers may adopt our services with confidence
Zscaler compliance offerings help stakeholders understand the sturdy frameworks in place to maintain compliance and security in our cloud. The Zscaler compliance team works to ensure all Zscaler products are aligned and certified against internationally recognized government and commercial standards—frameworks to build confidence in customers by providing pertinent solutions. Zscaler compliance enablers are built on traditional programs focusing on data protection and regulatory requirements, which include ISO 27001, ISO 27701, SOC 2, FedRAMP and various others, depending on the specific Zscaler product and customer needs, helping them to establish and operate in the Zscaler security control environment.
We are committed to ensuring that our global customers and partners are able to meet diverse compliance requirements. To download any compliance certification full reports for IT standards that Zscaler compliance with, please submit this Request Form.
Data privacy and security are integral to Zscaler
Zscaler ensures that millions of employees at thousands of enterprise and government organizations worldwide are protected against cyberattacks and data breaches. Each organization faces unique regulatory challenges based upon industry, geography, and other factors, and the Zscaler platform is designed to simplify compliance and reporting, globally. Each day, Zscaler secures more than 400 of the Forbes Global 2000 organizations across 185 countries.
Our focus on security
Security is at the heart of the services we offer customers, and as a company we also rely on Zscaler security to protect against malicious attacks and data loss. Not surprisingly, security is central to our company and culture. For more information regarding our compliance practice email us at [email protected].
At Zscaler, we follow industry best practices and we require all employees to undergo extensive annual security trainings. We continuously strive to improve our security programs and controls and seek feedback from customers, body auditors, and internal teams. Because we believe that security and strategic initiatives should be closely aligned, our CISO reports to the Chief Strategy Officer.
Secure product development and maintenance
We have implemented security checks across our development lifecycle and our product is continuously evaluated by internal security teams and external auditors. Our cloud platform is monitored in real time and we provide publicly available insight into the performance and health of our service, globally. In addition, we perform regular vulnerability scans, risk assessments, and penetration tests to maintain the highest standards of security and availability.
Securing customer information
Customer information is protected in accordance with best-of-breed frameworks and standards like ISO 27001. We guarantee that the customer transaction content we inspect as part of our service offering is never written to disk and logs are never stored in clear text.
Our dedicated research team analyzes threats we see across our security cloud and investigates the global threat landscape. We share our research and cloud data with the industry at large to help promote a safer internet.
Get real-time insight into our operations
Our customers entrust us with securing their internet connections, and we take that responsibility seriously. That’s why we believe in transparency, offer a window into the health of the platform to anyone at any time, showing operational status, upcoming maintenance windows, incidents, and security advisories, along with historical data.
Check your internet security with Zscaler Security Preview
Data protection and privacy in a cloud-enabled world
Zscaler is committed to our customers’ success, including compliance with global privacy regulations, and will assist our customers in satisfying their privacy compliance obligations. Learn how Zscaler supports your privacy compliance efforts.