Zscaler has taken the concept of Zero Trust to the next level by applying it at a segmented level, bridging workloads across distributed sites.
The pace of digital transformation across sectors has introduced both innovation and new risks to businesses as they now operate across dispersed locations and digital environments.
With increasing connectivity between branches, data centres, and cloud platforms, organisations face a growing challenge in securing their networks against sophisticated cyber threats.
Recognising these challenges, Zscaler has announced what it claims to be the industry’s first Zero Trust Segmentation solution, designed to secure connectivity and protect against evolving threats in a streamlined and cost-effective manner.
Zero Trust segmentation
The concept of Zero Trust has emerged as a critical security strategy, reshaping how organisations protect their networks by removing implicit trust within their systems.
Zero Trust assumes that no entity, whether inside or outside the network, can be trusted by default.
Today, organisations typically enforce control through traditional methods such as firewalls, VPNs, and SD-WAN.
Yet these solutions have not only become complex and costly but have also inadvertently widened the attack surface, particularly for ransomware.
“Traditional network and security architectures enable the spread of ransomware,” said Dhawal Sharma, EVP of Product Management at Zscaler. “Using firewalls to segment business networks is extremely complex, turning into a never-ending initiative for many organisations.”
Zscaler’s solution therefore takes this principle of Zero Trust a step further, applying it to segmentation across varied environments such as branches, factories, and public clouds.
Zscaler’s segmentation
Zscaler’s new solution is touted as the first of its kind, offering Zero Trust Segmentation to bridge users, devices, and workloads across distributed sites without relying on traditional firewalls or network access controls.
By turning each location into a secure, isolated “island,” Zscaler’s solution enables seamless communication via the cloud without needing complex, hardware-based protections like firewalls.
Zero Trust Segmentation, as Zscaler envisions, applies cloud-based segmentation at a device and workload level. Each branch or location interacts with the Zscaler cloud platform, the Zero Trust Exchange, as an isolated network entity, communicating only through controlled, secure channels that enforce business-specific policies. This design minimises the exposure of public IP addresses and prevents ransomware from spreading between different networked locations.
This approach not only enhances security but also simplifies operations, creating a more agile and resilient infrastructure across the business landscape. Unlike traditional networks that assume devices within the network can be trusted, Zero Trust requires each device and user to verify itself at every interaction.
By implementing Zero Trust Segmentation, Zscaler aims to simplify the connectivity and security of branches, factories, and data centres, treating each as a self-contained entity. This innovation helps prevent threats, like ransomware, from moving across the network.
“Zscaler Zero Trust Branch has been nothing short of transformative,” says Brian Morris, Chief Information Security Officer at Gray Television. “It has not only helped us reduce network costs but has significantly reduced cyber risk and helped accelerate M&A integration.”
This solution, built on recent technology from Zscaler’s AirGap acquisition, can reduce infrastructure costs by up to 50% while implementing advanced protections in mere days.
A seamless verification
The unique challenges posed by today’s connected branches and factories highlight the need for such solutions.
Many of these sites now rely on IoT devices and operational technology (OT) systems, which have become common entry points for cyber threats due to outdated and vulnerable operating systems.
A recent report by Zscaler’s ThreatLabz found that over half of OT devices use legacy systems no longer supported by security patches, leaving them exposed to attacks.
Zscaler’s solution tackles this by enabling each IoT device within the branch or factory to be segmented securely, removing the need for traditional north-south firewalls and ensuring consistent security coverage.
“As OT devices are becoming increasingly common in our environment, ensuring their security is a top priority,” explains Brian.
The solution also addresses a significant gap in data centre and multi-cloud security. By applying Zero Trust Segmentation to cloud workloads, Zscaler can standardise multi-cloud security, enabling consistent enforcement of security policies across environments.
“Zscaler’s Zero Trust Cloud has empowered us to enforce consistent security across our data centres and multiple clouds, simplifying operations and significantly reducing the risk of lateral threat movement,” says Shanker Ramrakhiani, CISO at IIFL.
Shaping the future of connectivity
Zscaler’s Zero Trust Segmentation marks a significant step in advancing secure connectivity for businesses operating in complex, distributed environments.
The solution’s Zero Trust foundation prioritises security at every network edge, removing implicit trust and treating each entity as a unique access point.
This strategy not only strengthens organisations against the threat of ransomware and lateral attacks but also promises substantial cost savings by removing dependency on legacy network infrastructure.
As businesses increasingly adopt Zero Trust principles, Zscaler’s focus on segmentation could pave the way for a new standard in cybersecurity, from branch offices to cloud networks.