As cyberthreats continue to increase, it is critical for organisations to ensure greater protection and smoother experiences for their users. Rob Standing, Regional Director – Middle East, Turkey and Africa at Zscaler, explains how organisations can ensure a seamless approach to cloud solution adoption and reduce their exposure to attacks.
What is Zero Trust and how does its absence affect an organisation’s security?
Zero Trust seems to be the buzzword in the market right now and can be interpreted differently by every organisation. There’s Zero Trust and there’s SSE (Secure Service Edge) and many vendors claim to have the right solutions.
At Zscaler, however, we focus on securing the user and getting them to their destination in the fastest and most secure manner. So, Zero Trust to us is about giving individuals the least privileged access and how we ensure there’s no exposure of those individuals on any organisation’s network.
What are some of the benefits an organisation will enjoy by implementing the right Zero Trust platform approach?
Our cloud solution – Zero Trust Exchange – services around 35% of the Global 2000 and these customers are finding benefits in three areas; user experience improvement, increased security posture and simplification around tool consolidation, network and architecture.
By implementing a Zero Trust platform, businesses create a one-stop shop for all their security needs and integrate with other providers. For us at Zscaler, this provides greater global protection for the user regardless of where they are or what device they’re using, resulting in a smoother experience.
How can an organisation build a Zero-Trust network model that mitigates increased cyberthreats?
Trust is a journey. As businesses try to migrate away from typical security set-ups, knowing what to trust outside of their network parameter is an important factor. That’s why we are starting with our core functionality which is called Zscaler Internet Access. This allows organisations and individuals to access the Internet, cloud services and private applications without making them publicly available. Our aim here is to replace VPN setups.
Similarly, Zscaler Private Access (ZPA) is a cloud-delivered, zero-trust network access service that provides secure access to all private applications, without the need for a remote access VPN. So, ZPA is a VPN alternative that ensures the network goes dark for everyone, preventing any lateral movement.
On the next phase in building a zero-trust network model, businesses should be implementing deception technology, app to app segmentation and cloud security posture management. So, at the start there are a couple of basic steps every organisation should implement around Internet and private access, and many more to consider thereafter.
Following common trends and the businesses you serve, what is a frequent problem you notice when it comes to cloud solution adoption and what do you think businesses and organisations should be doing differently?
As many companies are on their Digital Transformation journeys, the most significant objection we come across is changing the status quo. Change is not easy and there are a lot of hearts and minds to win over, especially when altering a security setup.
On one hand, you’ve got the operation teams wanting to give everyone a great experience with utilising services. On the other hand, you’ve got the security teams that want to make sure everything is locked down. So, it’s a matter of pleasing both. At Zscaler, we uncover their desired state and give recommendations on achieving that unified goal.
For organisations that do not have a secured cloud solution or are looking to modernise existing workloads, what should be their starting point?
Just reach out to us. I came on board a couple of years ago and was fortunate to start building this region for Zscaler from a vendor presence perspective. Now we have 15 people here! We’ve got very strong engineering, architecture and support teams, who will guide you expertly on your Zero Trust journey.
We also have over 200 customers across the region – so speak to any of those businesses that are utilising us. We’re also very grateful to have big exposure to several C-level individuals from clients around the world and in different verticals that have already benefitted from our solutions.
How are Zero Trust solutions for state or local government different in implementation from private businesses and organisations?
We have over 150 Points of Presence (PoP) around the world, 13 of which sit within the MEA market to ensure that we are compliant with local data regulations and law. But the implementation for either public or private sectors is quite similar if not the same, so companies have a couple of options.
They can either connect all their user traffic to one of our nodes around the world. For example, if an individual travels from Dubai to New York, they can connect to our local New York node with the same policy enforcement or report back to their original Dubai node.
We can also have a hybrid model. In the MEA setup, we can extend our data plane to on-premises. That is either via a virtual service Edge or a private service Edge, depending on the number of users we’re looking to support. This gives businesses all the benefits of our cloud service run by our current operations team.
How unique is Zscaler’s cloud solution adoption approach and how do you use Zero Trust architecture to securely connect users, applications and devices from data loss and provide a great user experience?
For the last 10 years, we have been leaders in the Secure Web Gateway space. Since then, organisations and third parties have coined this Secure Service Edge (SSE).
There are four main components of SSE, which is Secure Web Gateway, Zero Trust Network Access, DLP and CASB. We are a leader in that SSE quadrant. Every 24 hours, we process around 200 billion transactions, block 7 billion threats and update the platform over 200,000 times a day. So, no matter where you are, every client reaps the same benefit.
Furthermore, we have a large portfolio of security features and capabilities spanning the entire globe. This is all done by single-scan multi-action – all made by us. This is important to a customer because we’re able to inspect the packet and then allow or deny it, thus contributing to a better user experience.
Lastly, it’s good to think about the breadth of our platform, about 30% of our global workforce is R&D related, allowing our platform to continually strive for excellence.
In your experience with the cloud and looking at the multiple organisations Zscaler continues to serve, are there any predictions on how activities around the cloud will evolve in the future?
The SSE space is just getting started with companies becoming more aware about it than two years ago. In the last six months, AWS has come to the region and I predict more hyperscalers coming to the MEA market. This is going to drive further cloud adoption as there’s new support and acceptance within the region for these services.
Securing remote workers is a business challenge that is here to stay, with the pandemic demonstrating that people can be effective working from anywhere. So, as we continue to invest in R&D, we’re dedicated to improving our platforms and our growth in Middle East and Africa reflects this.
To conclude, Zscaler has been on a fantastic journey in the MEA market. We are one of the fastest growing regions for the business and I think we’re just getting warmed up, so there’s lots more to come!Click below to share this article