Recently, unbeknownst to me, I dealt with one of Zscaler’s customers, the FCC (https://www.zscaler.com/customers) and was surprised at the efficiency of this government agency. Yesterday I checked the Zscaler (ZS) website and discovered that the FCC is a Zscaler customer. Tony Summerlin was brought in as Sr. Strategic Adviser Consultant to change the FCC’s very antiquated systems, networks, and processes. The agency used Trusted Internet Connections (TIC) and their in-house products running on their own servers. Per video, Mr. Summerlin explained why the FCC abandoned its old system and switched to ZS, summarized below.
TIC makes sure that all traffic going out to the internet is secure. The FCC had to use the Managed Trusted Internet Protocol Services (MTIPS) put in place by the Department of Homeland Security (DHS) and offered by AT&T, CenturyLink (formerly Qwest), Sprint, Verizon Business, https://www.dhs.gov/managed-trusted-internet-protocol-servic…. The problem with this set-up is that it is network centric, i.e. all connections have to go through a center instead of the user having direct access to the cloud or an SaaS provider. For employees having to go through a center is more time consuming and costs the agency a lot of money.
The FCC looked at Zscaler and noticed that it eliminated the path through the center, important since 50% of FCC employees work from home (that sure did surprise me). It made no sense for Mr. Summerlin to have FCC employees go through the VPN (Virtual Private Network) to access the FCC in order to get to SaaS applications the FCC had purchased. He added, “I haven’t found in my entire lifetime one that likes VPN.” I wholeheartedly agree as I have had to use it for almost three years (airports, hotels, motels, none of their internet access is secure even if they give you a password or access code). VPN does slow down internet speed somewhat. In addition, some websites like Cox Communications, several .edu sites and some government agencies are able to recognize blacklisted IP addresses used by VPNs. These sites won’t permit you access at all unless you disconnect your VPN (not smart if you are at Starbucks) or force you to go through the time consuming and totally annoying captcha (https://en.wikipedia.org/wiki/CAPTCHA) to make sure you are a human and not some phishing bot.
The advantages of Zcaler according to Mr. Summerlin are that it provides very trusted and controlled, very secure and monitored connections to the application looked for by the FCC employee. FCC management can also establish policies and procedures within the architecture of Zscaler, allowing it for example to specify what applications and what services are accessible to which individual employee. This ability to establish policies within the ZS framework made Zscaler hugely attractive.
Because of Zscaler, the FCC has been able “to unplug” other products (which were not named). Those in-house products running on FCC servers were extremely expensive. By switching to Zscaler, FCC’s savings were 70%. Why would you want to use those Trusted Internet Connections when you can get the same services in the cloud, more seamless and more secure, that is run off premises and is always kept up to date by Zscaler, saving you money to boot.
To summarize, these are the advantages using Zscaler according to the FCC:
– It is cloud delivered security, no hardware, no expensive extra software;
– it provides trusted, controlled, secured, and monitored connections;
– allows customers to establish policies and procedures within the Zscaler framework;
– provides more seamless and more secure off-premises access;
– is always kept up to date;
– provides substantial cost savings to customers.
Here are useful links for those of you interested in ZS:
– The introduction, http://discussion.fool.com/zscaler-ipo-this-friday-33010342.aspx…
– Possible competition, http://discussion.fool.com/zscaler-where-are-the-security-giants…
–The ZS numbers, http://discussion.fool.com/zscaler-a-look-at-the-numbers-3312932….
I liked what I’ve have read and reviewed so far and started a position when the market tanked today and hope those of you interested in ZS may find this explanation of how their cloud security works useful.