www.zscaler.com Open in urlscan Pro
2606:4700::6812:1c4a  Public Scan

Form analysis
4 forms found in the DOM

<form class="mb-[3rem] pt-[4.8rem] md:mb-[4.2rem] md:pt-[3rem]">
  <div class="relative"><input placeholder="What are you looking for?" aria-label="job-search-input" class="
  border-0
  focus:ring-0
  w-full
  font-normal
  text-[2rem]
  leading-10
  -tracking-[0.01rem]
  py-[1.3rem]
  pr-[3rem]
  bg-[transparent]
  focus:outline-none
  md:text-[3.2rem]
  md:leading-[3.5rem]
  border-b-[0.3rem]
  autofill:shadow-[0 0 0px 1000px transparent inset]
  autofill:transition-[background-color]
  autofill:duration-[5000s]
  autofill:ease-in-out
   text-darkBlue border-b-pink autofill:text-darkBlue" value=""></div>
</form>

<form class="mb-[3rem] pt-[4.8rem] md:mb-[4.2rem] md:pt-[3rem]">
  <div class="relative"><input placeholder="What are you looking for?" aria-label="job-search-input" class="
  border-0
  focus:ring-0
  w-full
  font-normal
  text-[2rem]
  leading-10
  -tracking-[0.01rem]
  py-[1.3rem]
  pr-[3rem]
  bg-[transparent]
  focus:outline-none
  md:text-[3.2rem]
  md:leading-[3.5rem]
  border-b-[0.3rem]
  autofill:shadow-[0 0 0px 1000px transparent inset]
  autofill:transition-[background-color]
  autofill:duration-[5000s]
  autofill:ease-in-out
   text-darkBlue border-b-pink autofill:text-darkBlue" value=""></div>
</form>

<form class="marketoForm_root__Wkgni marketoForm_variant_cta_module__IwKzs" id="mktoForm_7971" style="opacity:0"></form>

<form class="marketoForm_root__Wkgni marketoForm_variant_footer__jwLCq" id="mktoForm_1944" style="opacity:0"></form>

Text Content

This site uses JavaScript to provide a number of functions, to use this site
please enable JavaScript in your browser.
OpenSearch

ThreatLabz

CXO REvolutionaries

Careers

Partners

Support

ShowContact Us

Get in touch

1-408-533-0288

Chat with us

ShowSign In

Zscaler Cloud Portal | Admin

Zscaler Cloud Portal One | Admin

Zscaler Cloud Portal Two | Admin

Zscaler Cloud Portal Three | Admin

Zscaler Cloud Portal Beta | Admin

admin.zscloud.net

Zscaler Private Access Cloud Portal One | Admin

Zscaler Private Access Cloud Portal Two | Admin


Home
Platform

Products

Solutions

Resources

Company

Request a demo
Secure the Workforce


Provide users with seamless, secure, reliable access to applications and data.

Secure the Cloud


Build and run secure cloud apps, enable zero trust cloud connectivity, and
protect workloads from data center to cloud.

Secure IoT/OT


Provide zero trust connectivity for IoT and OT devices and secure remote access
to OT systems.

Secure B2B


Provide zero trust site-to-site connectivity and reliable access to B2B apps for
partners.


Why Zscaler
Leadership in AI/ML
Zscaler SASE
Zscaler SSE
Analyst Recognition
Customer Stories
Partner Ecosystem
Reduce Your Carbon Footprint

GARTNER REPORT

Zscaler: A Leader in the 2024 Gartner® Magic Quadrant™ for Security Service Edge
(SSE)

Get the report


Cyberthreat Protection

Secure Internet Access (ZIA)
Secure Private Access (ZPA)
Zero Trust Firewall
Sandbox
Browser Isolation
Data Protection

Web and Email DLP
Multi-Mode CASB
Endpoint DLP
Unified SaaS Security
Gen AI Security
DSPM
BYOD Security
Zero Trust Networking

Zero Trust SASE
Zero Trust SD-WAN
Workload Communications
Zero Trust for IoT/OT
Zero Trust Device Segmentation
Digital Experience (ZDX)
Risk Management

Risk360
Unified Vulnerability Management
Breach Predictor
Deception
Identity Threat Detection and Response
Managed Threat Hunting
Business Insights

USE CASES

Replace VPN
Stop Ransomware
Replace VDI
Secure Your Data
Optimize Digital Experiences
Deploy Zero Trust SASE
Deploy BYOD Securely
Reduce Cyber Risk
Right-Size SaaS & Office Space Footprint
Accelerate M&A and Divestitures

INDUSTRY & MARKET SOLUTIONS

Healthcare
Banking & Financial Services
US Public Sector
US Federal Government
US State & Local Government
Education
Australia Government
China Government

PARTNERS

Explore Our Partners
Become a Partner
Partner Portal

TECHNOLOGY PARTNERS

Explore Technology Partners
Microsoft
CrowdStrike
AWS
Okta
Rubrik
SAP
USE CASES

Replace VPN
Stop Ransomware
Replace VDI
Secure Your Data
Optimize Digital Experiences
Deploy Zero Trust SASE
Deploy BYOD Securely
Reduce Cyber Risk
Right-Size SaaS & Office Space Footprint
Accelerate M&A and Divestitures
INDUSTRY & MARKET SOLUTIONS

Healthcare
Banking & Financial Services
US Public Sector
US Federal Government
US State & Local Government
Education
Australia Government
China Government
PARTNERS

Explore Our Partners
Become a Partner
Partner Portal
TECHNOLOGY PARTNERS

Explore Technology Partners
Microsoft
CrowdStrike
AWS
Okta
Rubrik
SAP

Resource Center

Resource Library
Blog
Customer Success Stories
Webinars
Zpedia

Events & Trainings

Upcoming Events
Zenith Live
Zscaler Academy

Security Research & Services

ThreatLabz Analytics
Security Advisory Updates
Zero Trust Resources


Tools

Security Preview
Security and Risk Assessment
Disclose a Vulnerability
Executive Insights App
Ransomware Protection ROI Calculator

Community & Support

Customer Success Center
Zenith Community
CXO REvolutionaries
Zscaler Help Portal

CXO REVOLUTIONARIES

Amplifying the voices of real-world digital and zero trust pioneers

Visit now


Resource Center

Resource Library
Blog
Customer Success Stories
Webinars
Zpedia
Events & Trainings

Upcoming Events
Zenith Live
Zscaler Academy
Security Research & Services

ThreatLabz Analytics
Security Advisory Updates
Zero Trust Resources

Tools

Security Preview
Security and Risk Assessment
Disclose a Vulnerability
Executive Insights App
Ransomware Protection ROI Calculator
Community & Support

Customer Success Center
Zenith Community
CXO REvolutionaries
Zscaler Help Portal
About Zscaler


Discover how it began and where it’s going

Partners


Meet our partners and explore system integrators and technology alliances

News & Announcements


Stay up to date with the latest news

Leadership Team


Meet our management team

Partner Integrations


Explore our technology partner integrations

Investor Relations


See news, stock information, and quarterly reports

Environmental, Social & Governance


Learn about our ESG approach

Careers


Join our mission

Press Center


Find everything you need to cover Zscaler

Compliance


Understand our adherence to rigorous standards

Zenith Ventures


Learn about our strategic startup investments


Home
Request a demo





Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Subscribe
Products & Solutions


HOW TO CUT IT COST AND COMPLEXITY WITH A ZERO TRUST ARCHITECTURE

JACOB SERPA - Sr. Product Marketing Manager
September 02, 2022 - 8 min read



Zero Trust Architecture


Contents

 1. Article
 2. More blogs

Copy URL
Copy URL


From supply chain issues and inflation challenges to mere competitive pressures
from other organizations, the last two years have highlighted the need for
businesses to reduce their costs. 

These recent times have placed extra financial stress on businesses of all
sizes—but particularly so on small- to medium-sized enterprise and commercial
organizations that lack the financial bulk of larger corporations like those
named among the S&P 500. As such, it is imperative for these organizations to
embrace the cloud, digital transformation, and remote work, all of which have
proven to be effective for reducing cost and complexity in the enterprise. 

However, clinging to legacy, perimeter-based security solutions during such a
transition can counteract the desired cost and complexity benefits. If
organizations don’t transform their security and instead try to force-fit legacy
security approaches in the cloud-first world, cost and complexity will increase,
and improper defenses that aren’t designed for modern security needs will lead
to poor data and threat protection. This is exacerbated by the current economic
situation compelling organizations to reduce their IT budgets, which also
impacts their ability to respond to cybersecurity threats (with breaches leading
to additional costs detailed further below). These challenges are particularly
true under expensive legacy architectures that rely upon appliances with high
upfront CAPEX investments. 

Fortunately, the adoption of a zero trust architecture guards against the above
issues. It stops costly breaches and decreases risk while providing companies
with reduced complexity, a better user experience, and other benefits resulting
in improved economic value. This means that organizations don’t have to choose
between better cybersecurity and lower costs—they can do it all with zero trust.

So, what is the difference between these two architectures? 

The legacy, perimeter-oriented approach, also known as castle-and-moat security,
was designed for an era when users, apps, and data were on premises. Because the
network was where everything happened, efforts were focused on securing access
to the corporate network as a whole. Unfortunately, once entities made their way
onto the network, there was little to no protection against lateral movement
across resources (meaning that the scope of breaches could easily balloon). For
users to receive protections, they had to be connected to the network, where
security was enforced. Unfortunately, this architecture involved tools like VPNs
and firewalls, which could be identified on the web and made to serve as an
effective target for malicious actors. 

A zero trust architecture, on the other hand, recognizes that users, apps, and
data have all left the premises and the network. So, instead of connecting
entities to the network as a whole (which would allow them to access all of its
connected resources), zero trust security connects entities to specific apps and
resources according to the principle of least-privileged access, whereby users
can only connect to the resources for which they have authorization, at the
moment they need access. This architecture delivers security as a cloud service
(avoiding upfront CAPEX costs), from as close to the end user as possible,
rather than shackling security to the network, and ensures that resources are
hidden behind a zero trust platform to eliminate the attack surface. 

Below are some examples of how perimeter-based security architectures (along
with VPNs, firewalls, and other legacy point products), increase cost and
complexity—as well as how zero trust can help.

Armies of appliances

Legacy security architectures require the use of numerous security appliances,
which are expensive to purchase, deploy, and maintain—regardless of whether they
are physical or virtual appliances. As organizations grow, supporting and
protecting growing numbers of users and office locations requires more and/or
upgraded appliances, the costs of which quickly add up. These financial
drawbacks are further amplified when organizations attempt to embrace secure
remote work by purchasing additional VPN appliances, or try to secure cloud
applications and workloads by deploying additional virtual firewalls. In
general, tying security to the network and attempting to establish a safe
(ever-expanding) perimeter with a large (ever-growing) number of appliances is
not an ideal strategy. 

As described above, a zero trust architecture is one in which security is
decoupled from the network and traffic isn’t forced through the stack of
perimeter-focused appliances therein. Instead, zero trust vendors deliver
security as a service via the cloud. This means that the enterprise has no
appliances to purchase, deploy, maintain, or manage. Rather, the zero trust
vendor is tasked with ensuring that their services are performant and scalable
for their customers. As a result, appliance-based costs are reduced with a zero
trust architecture. Additionally, reliance on costly private networks is
minimized because traffic is sent to the vendor’s security cloud and doesn’t
have to be routed to the network for security.

Performance and productivity

As was alluded to above, traditional security architectures lack the ability to
scale quickly with growing global workforces and growing traffic volumes. This
is because appliances have static capacities to service fixed numbers of users.
As such, organizations with a traditional architecture often have to choose
between overprovisioning (which leads to appliances having unused capacity) or
accepting a lack of scalability (which entails throttled performance and hampers
user productivity when more traffic is funneled through appliances). Both
alternatives fail to benefit the business when it comes to cost. This isn’t even
to mention the performance and user experience challenges that arise when
security is tied to the data center and distant users have traffic backhauled to
a stack of appliances before reaching their end destinations on the web; this
also leads to foregone productivity and cost. 

Relying upon a zero trust security cloud, rather than backhauling traffic to a
fleet of rigid appliances (whether physical or virtual), ensures optimal
performance, scalability, and user experience, all of which amount to decreased
cost. When an enterprise experiences mass hiring, a surge in user traffic, or a
shift in where users are geographically located (for example, away from HQ), the
vendor’s security cloud has the global scale and scope to handle the changes
without any issues (provided their infrastructure is mature enough to do so). 

Disjointed tools

When security is received from a patchwork of legacy point products with
separate dashboards and interfaces, it leads to multiple challenges. Duplicating
or creating net-new policies across such solutions unnecessarily burdens
administrators. Additionally, having to dedicate existing resources or hire and
train new team members to deploy, maintain, and manage legacy solutions is
costly and cumbersome, and often distracts from more important projects. In
other words, a complex tapestry of tools increases the burden on IT and security
teams and wastes resources. Ultimately, the negative effects eventually reach
the end user, as passing traffic through several solutions results in latency
and decreased productivity (which also creates added costs for the enterprise).

In contrast, a complete zero trust platform is designed to deliver comprehensive
security across the entire IT ecosystem through one offering with one admin
interface. As a result, less upkeep is required, duplicating policies becomes a
thing of the past, and administrator time (and the business’ money) is saved.
When a zero trust platform can perform multiple policy actions in a single scan,
organizations can avoid chaining solutions together, which streamlines the user
experience while ensuring solid security. 

Breaches

According to the IBM Cost of a Data Breach 2021 Report, breach costs rose from
an average of $3.86 million USD in 2020 to $4.24 million USD in 2021, which
marked the highest average total cost in the 17-year history of the report.
Costs associated with breaches can take a variety of forms; for example, hours
of lost time, resources, and productivity for admins and end users, legal fees,
ransoms from malicious actors, brand reputation harm that can reduce sales, and
hefty fines from noncompliance with government and commercial security
standards. 

Unfortunately, as organizations undergo digital transformation, they often fail
to undergo the security transformation necessary to stop breaches and their
associated costs. Legacy, perimeter-based architectures weren’t designed to
follow users and data off premises. They only serve to expand the attack surface
and allow lateral movement across resources once users make it onto the network.
Additionally, their capabilities cannot address modern use cases like the need
to scan data within SaaS applications, identify exploitable misconfigurations in
IaaS instances, and more.

With a modern zero trust, cloud-based architecture, you can avoid costly
breaches and outcomes like compliance violations. As mentioned previously, they
are designed to deliver security anywhere around the globe (not just on the
network) and scale to the exact needs of the enterprise. When enterprise
applications are secured by a zero trust platform, they are rendered invisible
to the public to eliminate the attack surface. Because they securely connect
entities to individual resources rather than the network as a whole, lateral
threat movement is prevented. In addition to these benefits, zero trust
offerings are built to address the modern security use cases that organizations
must handle if they are to stop sophisticated hackers and ward off potential
breaches. This makes them indispensable for reducing costs in the modern cloud
era. 

Where do we go from here?

The Zscaler Zero Trust Exchange is an integrated platform of services that acts
as an intelligent switchboard to secure user-to-app, app-to-app, and
machine-to-machine communications–over any network and any location. It empowers
customers to embrace a zero trust architecture. Operating across 150 data
centers worldwide, the Zero Trust Exchange helps reduce business risk while
enabling organizations to realize the promise of digital transformation;
including increased productivity, simplified IT, reduced costs, and an increase
in business agility. 

In a recent ESG study, it was determined that Zscaler provides enterprise
customers an average ROI of 139% over legacy security architectures.

To learn more about the ways that Zscaler can save your organization money,
download the full ESG report.
 





Thank you for reading


WAS THIS POST USEFUL?

Yes, very!

Not really





EXPLORE MORE ZSCALER BLOGS

Exceptional Customer Experiences Begin at Home
Read post
The Power of Zscaler Intelligence: Generative AI and Holistic View of Risk
Read post
Take Cloud Native Security to the Next Level with Integrated DLP and Threat
Intel
Read post
The Impact of Public Cloud Across Your Organization
Read post

01 / 02

Go to next slideGo to previous slide


GET THE LATEST ZSCALER BLOG UPDATES IN YOUR INBOX



By submitting the form, you are agreeing to our privacy policy.






THE ZSCALER EXPERIENCE

Learn about:

Your world, securedZero TrustSecure Access Service Edge (SASE)Security Service
Edge (SSE)Zero Trust Network Access (ZTNA)Secure Web Gateway (SWG)Cloud Access
Security Broker (CASB)Cloud Native Application Protection Platform (CNAPP)Data
Security Posture Management (DSPM)
PRODUCTS & SOLUTIONS
Secure Your Users

Secure Your Workloads

Secure Your IoT and OT

Secure Internet Access (ZIA)

Data Protection (CASB/DLP)

Digital Experience (ZDX)

Industry & Market Solutions

Partner Integrations

Zscaler Client Connector

PLATFORM
Zero Trust Exchange Platform

Secure Digital Transformation

Network Transformation

Application Transformation

Security Transformation

RESOURCES
Resource Library

Customer Success Stories

Security Preview

Threat Assessment Tools

ThreatLabz Analytics & Insights

Upcoming Events

Blog

Zscaler Academy

CXO Revolutionaries

Zpedia

Ransomware Protection ROI Calculator

POPULAR LINKS
Pricing & Plans

About Zscaler

Leadership Team

Career Opportunities

Find or Become a Partner

Customer Success Center

Investor Relations

Press Center

News & Announcements

ESG

Compliance

Contact Zscaler

Home
FrançaisDeutschItaliano日本Castellano - MexicoCastellano - EspañaPortugues -
Brasil

Zscaler is universally recognized as the leader in zero trust. Leveraging the
largest security cloud on the planet, Zscaler anticipates, secures, and
simplifies the experience of doing business for the world's most established
companies.


FrançaisDeutschItaliano日本Castellano - MexicoCastellano - EspañaPortugues -
Brasil

Visit us on FacebookLinkedinFollow us on TwitterSubscribe our Youtube Channel
SitemapPrivacyLegalSecurity
© 2024 Zscaler, Inc.

All rights reserved. Zscaler™ and other trademarks listed at
zscaler.com/legal/trademarks are either (i) registered trademarks or service
marks or (ii) trademarks or service marks of Zscaler, Inc. in the United States
and/or other countries. Any other trademarks are the properties of their
respective owners.