Zscaler, Inc. has announced innovations for the Zscaler Zero Trust Exchange platform and new programs designed to secure digital businesses. New security solutions, resources for IT execs and practitioners, and deployment guides to expedite zero trust adoption are redefining the rules of IT security for today’s internet-driven, cloud-first businesses. The combination of these offerings provides digital businesses a holistic approach to securing modern organizations and the pragmatic skills and blueprints needed to be competitive.
Zero trust starts with validating user identity combined with business policy enforcement based on contextual data from user, device, app and content to deliver authorized direct access to applications and resources. This means that no entity (user or application) is inherently trusted. Built on three fundamental tenets, the Zscaler Zero Trust Exchange makes the cloud safe by securely connecting the right users to the right applications.
- Connect users and applications to resources, not the corporate network, preventing lateral movement of threats, thus reducing security and business risk.
- Make applications invisible to the internet. Applications protected behind the Zero Trust Exchange are not visible and cannot be discovered, thus eliminating the attack surface.
- Use a proxy architecture, not a pass through firewall, for content inspection and security. The only way to ensure effective cyber threat defense and data protection is by requiring content inspection, including encrypted traffic, and policy enforcement, before it reaches its intended destination.
Studies show that 77% of IT security teams believe they will move to a hybrid working model resulting in the need for new and advanced security requirements. The introduction of three innovations for the Zero Trust Exchange platform helps IT security teams bring zero trust security to every digital business, strengthens safe web access, and dramatically simplifies the adoption of zero trust policies.
Extending Cloud-Native Zero Trust On-Premises – The new Zscaler ZPA Private Service Edge software makes ZPA the only cloud-native solution that spans both cloud and on-premises environments. Hosted by the customer but managed by Zscaler, it securely brokers users to private applications and removes the need for on-premises network segmentation. This makes ZPA Private Service Edge ideal for on-premises environments and locations subject to internet access challenges by providing local brokering between on-premises users and latency-sensitive applications, resulting in greater performance for users, less complexity for network admins, and less risk for business data. ZPA Private Service Edge is generally available today.
Mitigating Web-based Attacks and Data Leakage – A majority of external attacks target users through their web browsers, making browsers a large surface area for threats. Zscaler’s new, natively integrated Cloud Browser Isolation solution creates an isolated browsing session that enables users to access any webpage on the internet without allowing sensitive data to flow down to the local device or the corporate network. Users do not directly access active web content, preventing the delivery of malicious code. Cloud Browser Isolation allows customers to offer a safer web experience while helping ensure sophisticated attacks, ransomware, or data exfiltration will not impact endpoints or targeted users.
Simplifying Security Policies Through Automation – New APIs automatically create policies for newly discovered services and revokes user access based on time settings. Machine learning (ML) enhancements allow for auto-segmentation of application workloads. These innovations speed up the time it takes to set policies and simplifies microsegmentation – freeing up time to focus on other vital projects.