Zscaler releases new data protection innovations in Zscaler Zero Trust Exchange
September 2020 by Marc Jacob
Zscaler, Inc. announced new data protection innovations in the ZscalerTM Zero Trust Exchange that protect organisations in the work-from-anywhere era by securely connecting users, devices, and applications. The Zscaler Zero Trust Exchange, built on a Secure Access Services Edge (SASE) framework, expanded its data protection capabilities with a suite of services that are now generally available. These services include Cloud Access Security Broker (CASB), Cloud Security Posture Management (CSPM) for SaaS applications, and Cloud Browser Isolation.
Legacy security offerings were designed decades ago to create network-based perimeters that connect people in an office to applications in a data centre on a corporate network. The world was already trending to a work-from-anywhere environment with mobile users and applications delivered through the cloud, but the global pandemic rapidly accelerated this digital transformation.
The Zscaler Zero Trust Exchange was built with a new approach that creates zero trust connections between the users and applications directly to solve this unique challenge. As a scalable, cloud-native platform, it enables digital transformation by securely connecting users, devices, and applications anywhere, without relying on network-wide access. This platform is delivered by five key architecture attributes, unique to the Zscaler Zero Trust Exchange, that together enable organisations to provide strong security and a great user experience to their employees and customers. The attributes are:
• Zero attack surface to ensure that organisations’ infrastructure and applications are hidden from discovery and attack
• Connect a user to an application, not a network to prevent unsafe connections and attacks that spread across an organisation by only allowing users to access the intended application instead of relying on network-based access
• Multi-tenant architecture, built from the ground up, for the scale, reliability and privacy a cloud and mobile world now demands
• Proxy architecture, not pass-through to check for encrypted threats and data exposure in real time with machine learning and actively prevent their impacts from occurring
• Secure access service edge (SASE) architecture to improve the user experience with a proprietary cloud distributed across 150+ locations globally so connections and security happen locally, which reduces latency and improves security response times
The work-from-anywhere era challenge is highlighted when it comes to data protection and compliance assurance. With applications and data widely distributed across multiple cloud providers and SaaS vendors, it is imperative that data exposure risk is measurable and automatically remediated. The new, unified data protection offering now added to the Zscaler Zero Trust Exchange provides unified reporting and automatic remediation of violations across locations, applications and users. In addition to the existing Cloud DLP capabilities, new data protection capabilities include:
• Cloud Access Security Broker (CASB): Zscaler CASB provides both inline security and out-of-band protections for SaaS applications providing secure access control and reporting for thousands of SaaS applications. This enables organisations to control Shadow IT as well as cloud usage to prevent data exposure and ensure compliance standards such as HIPAA, PCI, and GDPR are maintained
• Cloud Security Posture Management for SaaS applications (CSPM): Zscaler CSPM continuously identifies and remediates application misconfigurations in SaaS applications, such as Microsoft Office 365, to protect against data breaches and compliance violations. Zscaler CSPM does this as part of the comprehensive data protection capabilities in the Zscaler Zero Trust Exchange
• Cloud Browser Isolation: Zscaler Cloud Browser Isolation acts as an intermediary between the user and the application intercepting the data and presenting it as images instead of the data itself. This lets the user do their job unaware that the data never actually left the cloud while ensuring the organisation’s data is safe and secure
“The innovations across our data protection suite help our customers better reduce the risk of data exposure and compliance violations, all on the same platform that makes it easier than ever to safely connect people to business applications,” said Amit Sinha, President and Chief Technology Officer of Zscaler. “There is a new set of business requirements now that employees and applications are more distributed than ever before, and they require a cloud-first platform built on the SASE framework. The architecture of the Zscaler Zero Trust Exchange ensures Zscaler’s ability to deliver strong security and a great user experience in this new work-from-anywhere world.”
The Zscaler Zero Trust Exchange is the largest cloud security platform in the world, processing more than 120 billion transactions daily and detecting about 100 million threats per day from users across 185 countries. Zscaler serves more than 4,500 customers across all major industries and including over 450 of the Forbes Global 2000.