UPDATED 22:46 EST / AUGUST 13 2018

CLOUD

Zscaler’s Zero Trust security framework wins U.S. government approval

With remote workers increasingly using cloud networks to access sensitive data, organizations are embracing new security models to ensure that data cannot be leaked.

The Zero Trust philosophy is one such model, providing organizations with a way to maintain control of their corporate data, as well as insights into how that data is being used and by whom.

Zero Trust has already seen considerable adoption by businesses enterprises, and now government agencies are also said to be interested in the model as they too shift to cloud computing.

So the news that Zscaler Inc., a specialist in implementing Zero Trust, has gained U.S. government approval for its cloud access platform should be well received. Zscaler’s main advantage is it eliminates the need for users to access corporate networks in order to connect their devices to business applications. It also reduces the risks associated with unmanaged devices and helps to prevent unauthorized access.

Zscaler’s remote-access platform has just become the first system of its kind to be approved under the U.S. government’s Federal Risk and Authorization Management Progam, and has been granted operational authority by the Federal Communications Commission.

The company, which went public earlier this year, said FedRAMP approval means it can now offer its platform to government agencies that wish to “access sensitive applications and data from anywhere on any device.”

Zero Trust allows organizations to overcome security issues that plague traditional virtual private network security. Previously, the federal government had mandated trusted internet connections via VPNs as the most appropriate security method for remote access, routing traffic through approved computer servers. But Zscaler said increases in traffic via this method have resulted in unacceptable latency for remote users.

With Zero Trust models, access control is no longer based on whether users are requesting that access from inside or outside of the corporate network. Instead, Zero Trust assumes that users requesting access from inside the network are just as untrustworthy as those seeking remote access. As a result, access requests are instead granted based on details about the particular users, their jobs and the security status of the device they’re using.

Zscaler said its platform applies a “software-defined perimeter” that can secure access to government data centers or government clouds such as Amazon Web Services Inc.’s GovCloud. It encrypts everything from the applications to connections and services, the company said. As a result, traffic can bypass the approved servers while still reducing the risk of unauthorized remote access to applications, which is often used to launch denial-of-service and other internet-based attacks.

Zscaler Chief Executive Jay Chaudhry appeared on SiliconANGLE Media’s mobile livestreaming studio theCUBE last year, when he gave an in-depth explanation of the company’s take on Zero Trust security:

“The rise of the mobile workforce and the increased use of cloud-based applications have eroded the security perimeter,” Stephen Kovac, Zscaler’s vice president of global government and compliance, said in a statement. “Agencies need cloud-based security solutions to securely connect trusted users to trusted internal applications.”

Image: Music4life/Pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU