‘Zero Trust’ Vendor Gains U.S. Cloud Approval
As mobile workers access more corporate data stored in the cloud, a secure network architecture called “Zero Trust” is emerging as a way of maintaining control of sensitive data while providing greater visibility into how data is being used and by whom.
Zero Trust is being adopted by enterprises as a way of preventing leakage and all-out data breaches. It also is gaining traction in the federal market as government agencies gradually shift to cloud infrastructure.
Zscaler Inc., a cloud security specialist, said it has gained U.S. approval for its cloud application access platform that eliminates the need to place mobile users on a network in order to connect their device to applications. The approach is also designed to eliminate risks associated with unmanaged devices while reducing the threat of unauthorized access.
Zscaler (NASDAQ: ZS) said Monday (Aug. 13) its remote access platform for government users is the first Zero Trust system approved under the Federal Risk and Authorization Management Program, or FedRAMP. Along with meeting “moderate” security requirements, Zscaler also was granted operational authority by the Federal Communications Commission (FCC).
The San Jose-based company that went public earlier this year said FedRAMP approval would allow it to offer its cloud security service to government agencies “wanting to access sensitive applications and data from anywhere on any device….”
The emerging security architecture is seen as a way of overcoming maintenance and other issues associated with traditional VPN approaches. The federal government previously mandated “trusted Internet connections” via VPNs to ensure that mobile and other external network connections were routed through approved government servers.
As government agencies gradually move to the cloud, the “Trusted Internet Connections” framework has resulted in latency for remote users accessing cloud applications. Zscale said its cloud-based service provides authorized government users with quicker access to internal applications.
The company’s approach leveraged the Zero Trust architecture that replaces corporate trusted networks with a “perimeter” approach. Zscale said its architecture applies a software-defined perimeter rather than appliances to secure access to data hosted in government datacenters or other providers such as the Amazon Web Services (NASDAQ: AMZN) GovCloud. The platform replaces legacy VPN connections while encrypting connections to applications and services.
The trusted connection meets federal encryption guidelines, meaning traffic can bypass the previous VPN requirement.
The security architecture connects users to applications without placing them on a network or exposing applications on the Internet. That, Zscaler said, reduces risks associated with outside devices while reducing the threat of unauthorized access to applications, a frequent route to denial-of-services and other Internet-based attacks.
“The rise of the mobile workforce and the increased use of cloud-based applications have eroded the security perimeter,” said Stephen Kovac, Zscaler’s vice president of global government and compliance. “Agencies need cloud-based security solutions to securely connect trusted users to trusted internal applications.”