Continuous Data Protection with Zero Trust

Conducting business in the digital economy incurs significant risks, with would-be cyberattackers and data thieves lurking everywhere. The possibility of a network breach is ever present and organizations look increasingly to a Zero Trust architecture to shore up defenses.

The concept of Zero Trust represents a fundamental rethinking of cybersecurity: How do you operate safely in IT environments you can’t verify to be secure? Even if intruders penetrate the network, once inside, they find obstacles at every turn through multilevel validation requirements. Zero Trust subjects users, systems, and devices to a validation process with each attempt to access an asset.

“The idea is to trust nothing, verify everything, don’t assume. Re-verify as often as you feel you need to,” says Ken Urquhart, Global Vice President, 5G, at Zscaler, a Zero Trust security solutions vendor.

Cybersecurity teams traditionally have operated on a “siege mentality” where “our IT stuff” is separated from cyberattackers by one or more firewalls, Urquhart says. But the proliferation of devices on-premises, in the cloud, and at the edge, along with IoT systems, has widened and blurred the idea of a simple perimeter, creating increasing challenges for data security management.

When attackers succeed, they often lurk undetected within an organization’s network for an average of nine months, stealing data and causing disruptions. Companies are left guessing how long intruders creep around their systems or how much data they siphon off. “Today’s organizations have to deflect 100% of those attacks successfully in order to be safe, whereas the attacker only has to be successful once,” Urquhart says. “With a firewall approach, which has been with us since the 1980s, the basic assumption is that if you get inside, you’re pretty much treated as a trusted user.”

Zscaler provides continuous data protection, using encrypted communications, monitoring, and analytics to prevent attackers from seeing what a company does—or even seeing the organization at all. Devices and applications protected by Zscaler technologies are rendered undetectable to other devices on a network. “You can’t attack what you can’t see,” says Urquhart.

The idea is to deliver a seamless experience across the environment, no matter how far it spans across the globe. Zscaler enables clients to focus on their core business rather than constantly working to fend off threats.

Zero Trust Tackles Cybersecurity Challenges

Global organizations such as FedEx, British Petroleum, Siemens, and General Electric have turned to Zscaler for years to secure their sprawling global networks. For example, Siemens reduced its infrastructure costs by 70%, and 80% of employees at General Electric said in a survey that Zscaler makes it easier to do their jobs. And one oil and gas customer facing persistent ransomware issues saw a whopping 3,500% reduction in attacks after implementing Zscaler technology.

Zscaler was formed in 2008 at the very start of the Zero Trust movement. “We operate a secure global communications network that scans over 18 petabytes of data a day, handling 320+ billion transactions—over 20 times the number of Google searches per day—while handling 9+ billion daily incidents and policy violations and interpreting 500+ terabytes of metadata and signals daily using AI/ML,” says Urquhart.

Organizations often struggle to secure their environments against a dynamic threat landscape. As new threats emerge and old ones morph like mutating viruses, cybersecurity teams keep adding tools and protocols to fight them. They also must secure new applications and systems that organizations add to leverage new functionality.

“And over time, this builds up this set of solutions that need different configurations, different patch levels, different patch frequencies, different administration interfaces,” Urquhart says. Before long, the process gets overly complex, potentially creating still more vulnerabilities.

Further complicating things, organizations rely on systems they don’t (or can’t) control, Urquhart says, adding: “We must operate over telco systems we don’t own. We must operate over networks we don’t own. We put data in public clouds we don’t own. We’re given assurances of the security, but very seldom are you invited to do a complete security audit and review line by line every piece of code for every vulnerability—an undertaking no organization is really in any position to carry out completely even if invited to do so. You have to take someone’s word for it.”

With Zero Trust, anytime users, devices, networks, apps, and data attempt to make a connection, they are subjected to multiple, ongoing levels of validation such as multifactor identification, biometrics, and hardware keys. The process also recognizes when users try to log in from different devices, from different locations, or at irregular times, any of which triggers extra validation steps.

Partnerships Are Essential to Data Security Management

Zscaler’s Zero Trust architecture relies on automation and orchestration to monitor and analyze traffic in real time. Data is encrypted and monitored as it traverses multiple clouds and networks across countries and continents. To make it all happen, Zscaler works with multiple partners such as Supermicro, CrowdStrike, and Intel, which deliver different pieces of the technology solution. And Zscaler collects, shares, and receives threat intelligence from 40 partners to isolate, analyze, and create blocking rules.

Powered by Intel® Xeon® Scalable processors, Supermicro hardware supports Zscaler’s edge-to-cloud Security Service Edge (SSE) technology, which inspects all edge and remote worker traffic before routing it to its destination.

Zscaler integrates with CrowdStrike in multiple ways to reduce attack surface, minimize lateral movement of threats, and ensure only trusted and protected devices access authorized applications and data. Zscaler intercepts unknown and malicious files before they reach the end user and can trigger cross-platform containment action via CrowdStrike.

By leveraging the CrowdStrike device posture score, a Zscaler admin can configure policies to block access from devices with low trust scores, or allow access only via remote browser isolation, preventing data exfiltration while enabling high user productivity. This prevents valuable intellectual property and personally identifiable information from getting out, while stopping ransomware and other malicious payloads from getting in.

As an added benefit, Zscaler’s approach reduces network and communications infrastructure, Urquhart says, noting: “All a customer needs to do is connect their offices, remote workers, or data centers to the local internet and Zscaler can take it from there.”

Technology from partners like Intel is key to Zscaler’s Zero Trust approach. As Intel optimizes its hardware, Zscaler is often one of the first companies to adopt it in its ongoing attempts “to find efficiencies everywhere all the time,” Urquhart says.

Zero Trust is currently the most efficient and effective approach to cybersecurity. While the concept isn’t always well understood due to its defense-in-depth paradigm compared to the simpler “us on the inside, attacker on the outside” firewall metaphor, “Zscaler has been at this for 15 years and we keep refining our approach by adopting new technology and absorbing customer feedback,” Urquhart says. “We’re trying to tell the world there’s a different way of approaching cybersecurity.”
 

Edited by Georganne Benesch, Associate Editorial Director for insight.tech.

About the Author

Pedro Pereira has covered technology for a quarter century. He has freelanced for some of the biggest names in IT publishing and an extensive list of marketing agencies and technology vendors. He was a pioneer in covering managed services and cloud computing, and currently writes about cybersecurity, IoT, cloud, and space. He holds a degree in Journalism from UMass/Amherst.
