The 4 pillars of the Zscaler Zero Trust Exchange: Customers share their successes

We’ve all heard this mantra: “Secure digital transformation requires a true zero trust architecture.” But what exactly does that mean? Zero trust has come a long way. No longer a nebulous, aspirational term equated with the concept “never trust, already verify,” zero trust has evolved into a solid technology framework that enables proactive defense and digital transformation as organizations embrace the cloud and hybrid work models.

As the zero trust platform provider of choice for 40% of the Fortune 500, Zscaler has long been recognized as the leader in zero trust and, by extension, cloud security. The cloud native platform stands on four pillars supporting a comprehensive platform that secures, simplifies, and transforms businesses.

Let’s look at these pillars through the eyes of Zscaler customers and discover why more than 7,700 organizations rely on Zscaler to strengthen their security posture and accelerate their digital transformation.

Pillar 1: Cyberthreat protection

At the core of the first pillar is the assumption that traditional cybersecurity approaches are obsolete in today’s cloud-first world. The attack surface now extends to home offices, cloud applications, and public clouds, and there is an ever-increasing risk of lateral threat movement within highly interconnected hub-and-spoke networks protected by castle-and-moat security models.

The Zscaler Zero Trust Exchange provides a holistic approach to securing users, workloads, IoT/OT devices, and B2B partners. Its advanced zero trust architecture minimizes the attack surface by hiding applications behind the Zscaler security cloud. This prevents lateral threat movement with direct-to-application connectivity that keeps entities off the network and stops attacks and breaches via full inline inspection of all traffic, including encrypted traffic, at scale.

NOV, a technology-driven solutions supplier serving the global energy industry, wanted to reduce costs, improve security, and make life easier for its 32,000 users and IT administrators across 62 countries. Recognizing that the old network perimeter model doesn’t work in a hybrid world, CISO John McLeod began the organization’s transition to a zero trust architecture.

The first step was to transition the entire NOV workforce to Microsoft 365 and implement Zscaler. Since the deployment, NOV has experienced 35 times fewer security events.

“We decided to go ‘all in’ with Zscaler and zero trust,” says McLeod. “A large enterprise with a hybrid network requires modern technology to secure it. Zscaler’s zero trust architecture for building a security service edge (SSE) ecosystem is second to none.”

Pillar 2: Data protection

It only takes a few clicks for sensitive data to fall into the wrong hands—that’s why protecting data in the cloud requires a modern approach. Zscaler protects all users and devices wherever they are with fully integrated data protection across all channels, including unsanctioned applications, authorized applications, and devices.

With AI-powered discovery and classification, Zscaler continuously scans data in motion and at rest, including data residing in SaaS and private applications. Zscaler also discovers shadow IT and risky, unapproved third-party applications users have connected to, as well as any misconfigurations or compliance violations in sanctioned applications.

Dubai-based Careem pioneered the Middle East region’s ride-hailing economy and has since expanded into providing an everyday “super app” that offers transportation, delivery, payment services, and more to millions of customers. With sensitive customer data at stake and the need to comply with financial and data sovereignty rules and regulations across 14 countries, Careem chose Zscaler to address its many security challenges.

The company adopted multiple services within the Zero Trust Exchange to streamline and simplify its security infrastructure. Within the platform, Careem uses Zscaler Data Loss Prevention and cloud access security broker (CASB) to block risky cloud applications and control high-value data across TLS/SSL. These technologies are essential for maintaining regulatory compliance when handling sensitive personal data in the cloud.

“Zscaler simplifies our complex compliance situation by routing traffic appropriately and maintaining the audits we need to substantiate compliance,” says Peeyush Patel, CIO and CISO at Careem.

Pillar 3: Zero Trust connectivity

Traditionally, organizations backhauled traffic destined for cloud applications or the internet to on-premises data centers. Today, they’ve realized this approach is inefficient and expensive. It results in loss of productivity due to latency and exposes the network, devices, and users to potential risk. Zscaler, on the other hand, provides zero trust connectivity and security that grant users anywhere in the world direct access to applications—and no more backhauling to a distant data center. This provides a seamless, faster, and more secure user experience.

Deneen DeFiore, Vice President and CISO at United Airlines, led a zero trust transformation at the company and, in six months, transformed the airline’s technology ecosystem by deploying the Zero Trust Exchange with Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), and Zscaler Digital Experience (ZDX).

As a result, the airline’s 80,000 employees working across more than 350 locations now have secure application access and no longer have to deal with VPN performance and connectivity issues. Plus, United Airlines customers can also enjoy a better internet experience both in flight and in terminals.

“Zscaler gives us peace of mind that [traffic] will be secure, regardless of the underlying network, for our employees, customers, and partners,” DeFiore asserts.

Pillar 4: Business analytics

With the world’s largest security cloud processing more than 300 billion transactions per day, Zscaler provides unparalleled business analytics. One example of this analytics capability is digital experience monitoring. Fast, secure, reliable internet connectivity is critical for today’s hybrid workforces. Zscaler Digital Experience (ZDX) provides great visibility from endpoint to application, so internet performance issues can be quickly identified and resolved—often before users even notice them—using trillions of telemetry signals.

The pandemic served as a catalyst for Molson Coors to replace its traditional VPN architecture. Following a security breach in 2021 while many employees were working from home, the beverage company decided to ditch its legacy equipment and transition to the Zero Trust Exchange.

In addition to all the other benefits provided by the zero trust architecture, Molson Coors sped up service desk resolution times—from up to eight hours down to an average of 15 minutes.

“When our average user has an application issue and they call the service desk, it’s a connectivity issue. I look at ZDX to know where the problem is. Whatever the reason, being able to decipher it very quickly is a good experience for the user,” shares Jeremy Bauer, Senior Director of Information Security at Molson Coors. He adds that, now, all 17,000 employees are using ZDX.

Access more inspiring stories of organizations that have secured, simplified, and transformed their business with Zscaler: See our customer testimonials.

About Zscaler Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange™ platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SSE-based Zero Trust Exchange™ is the world’s largest inline cloud security platform.