Zero trust has become cybersecurity’s guiding principle, spurred by a new crop of expanding cybersecurity threats. Beyond parroting a mantra, however, Zscaler Inc.’s “zero trust everywhere” approach is expanding the principle to reimagine how companies secure users, workloads and third-party relationships.
As traditional network security methods become obsolete, how is Zscaler’s iteration faring in the age of remote work, cloud transformation, IoT expansion and AI proliferation?
“I started Zscaler with the notion that certain users should be able to access only certain applications — they shouldn’t be on the network,” said Jay Chaudhry (pictured), founder, chairman and chief executive officer of Zscaler. “The name zero trust did not exist at that time, but we are excited to see that market has picked it up. We have 50 million users from some 9,000 customers that actually go to our Zero Trust Exchange, which I described as a Switchable Smart OCN that connects them. That’s step one, but how about the workloads? Workloads are the users, the IoT devices. That’s why we are a big fan of Zero Trust Everywhere, and our customers are seeing the benefits of it.”
Chaudhry spoke with theCUBE’s Jackie McGuire for an exclusive conversation on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed Zscaler’s commitment to eliminating trust assumptions in every layer of digital infrastructure. (* Disclosure below.)
‘Zero trust everywhere’ explained
The rapid shift to remote work during the pandemic created a distributed web of branches and home offices. Traditional corporate networks that connected all sites in a mesh allowed malware to spread quickly. Zscaler proposes a radical departure: Treat each branch like a standalone “café,” similar to a mobile device using secure connections rather than being part of the internal network, according to Chaudhry.
“We think the branch should have a simple connection, and we make sure that all communications are streamlined,” he said. “Not just users, even IoT devices, they go through on exchange policy engine, and they’re only allowed to connect to certain destinations or applications. That way, we stop any lateral movement of tags.”
Zscaler applies the zero-trust principle to each branch, ensuring that users and IoT devices only access permitted destinations. Such an architecture blocks lateral movement of malware and simplifies security management, especially as companies shift to hybrid work environments. This, in essence, is the company’s “zero trust everywhere” approach.
As enterprises migrate to the cloud, they face similar risks from outdated security designs. Many organizations still use virtual firewalls and mesh-style networking that allow workloads to freely communicate, introducing immense risk if one workload is compromised. Zscaler’s Cloud Zero Trust Gateway enables organizations to segment workloads and enforce precise communication rules between services, even across different virtual PCs and cloud platforms, Chaudhry explained.
“In the Zscaler Zero Trust Everywhere principle, you get the badge, but then you get escorted to meeting room A, and when the meeting happens, you get escorted out,” he said. “In this metaphor, the room is like an application, and the building is like a data sync. It’s a one-to-one connection — that’s what we do.”
Here’s the complete video interview with Jay Chaudhry:
(* Disclosure: Zscaler Inc. sponsored this segment of theCUBE. Neither Zscaler nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Photo: SiliconANGLE
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU
