Insurance company Tower has turned to Zscaler to ensure a seamless transition to its ‘work from anywhere’ model. Darren Beattie, Manager of Networks and Access at Tower, tells us: “As a result of Zscaler’s security layers, which are ideal for virtual and remote workers, employees are able to work securely from anywhere without compromising the user experience.”
Tower’s origins go back more than 150 years. The shareholder-owned general insurer consists of 11 branches across New Zealand and eight Pacific islands, providing customers with insurance coverage for their homes, cars, valuables, businesses and more.
Even before the onset of the COVID-19 pandemic and rapid growth of the work-from-anywhere trend, Tower’s goal was to meet the 21st century head-on with customer-focused, digital-first insurance solutions.
Secure and user-friendly access for remote workers
One of the planks of Tower’s digital leadership in the insurance industry is enabling its employees to work from anywhere. For Tower, ensuring secure access was of the utmost importance as the business rolls out its digital and cloud-based platform – already live in Fiji – across its other Pacific centers.
By the end of 2022, Tower aims to be working on one core platform across all locations, more closely aligning its Pacific and New Zealand businesses.
While offering improved security, the company – a big Microsoft 365 user – also sought to ensure a better and more efficient user experience.
A solid recommendation and seamless deployment
Tower’s Digital Transformation is focused on building an agile and competitive business. Traditional hub-and-spoke networks typically can’t accommodate this while also preventing breaches and data loss, yet without disrupting productivity and the user experience.
It needed ‘Zero Trust’, a holistic approach to securing modern organizations, based on least-privilege access and the principle that no user or application should be inherently trusted. In this context, trust is established using user identity and policy based on business context.
Unlike legacy network security technologies that leverage firewalls, VPNs or cloud-based solutions, Zscaler delivers Zero Trust with its cloud-native Zero Trust Exchange platform. Built on proxy architecture, it securely connects users, devices and applications, using business policies over any network.
In collaboration with The Instillery Group, Tower trialled and evaluated a number of different products. Ultimately, it settled on Zscaler based on its high performance and support.
The benefit of the Zero Trust Exchange is that it delivers security at scale; elevates the user experience; eliminates the Internet attack surface and lateral movement of threats; integrates seamlessly and is dynamically scalable and future ready. In Zscaler’s favor was the ability to add a validation and verification step to ensure secure access.
“The initial integration of Zscaler coincided with a new desktop rollout, which meant that deployment was seamless and caused no disruption,” said Darren Beattie, Manager of Networks and Access at Tower.
Zscaler Internet Access allows for easily scaled protection
Zscaler Internet Access delivers Security-as-a-Service from the cloud, eliminating the cost and complexity of traditional secure web gateway approaches. A cloud-generation firewall provides consistent security to all users.
By moving security to a globally distributed cloud, Zscaler brings the Internet gateway closer to the user for a faster experience. Direct Internet connections to a cloud security platform ensure a fast, secure user experience.
Organizations can easily scale protection to all offices or users, regardless of location, and minimize network and appliance infrastructure.
The solution sits between users and the Internet and inspects every byte of traffic inline across multiple security techniques, providing full protection from web and Internet threats.
Zscaler Internet Access has allowed Tower to improve its cybersecurity without the cost and complexity of appliances. Additionally, it has simplified the Microsoft 365 deployment so that the company is in a better position to realize the benefits of cloud and mobility.
Cloud-generation firewall provides consistent security to all users
Zscaler Cloud Firewall, part of the Zscaler Zero Trust Exchange platform, provides firewall controls and advanced and consistent security to all users, regardless of their location, for all ports and protocols.
It enables fast and secure local Internet breakouts and because it’s 100% in the cloud, there’s no hardware to buy, deploy or manage.
Cloud applications, including Microsoft 365, were designed to be accessed directly via the Internet. To securely embrace cloud apps and services, and deliver a fast user experience, Internet traffic needs to be broken out locally.
The challenges of deploying stacks of security appliances in every branch or office, in addition to traditional firewalls being easily overwhelmed by cloud apps, are driving organizations to turn to SD-WAN to establish local Internet breakouts.
A critical component of Zscaler Cloud Firewall is the ability to secure local Internet breakouts without backhauling or duplicating the security appliance stack at each location.
“Zscaler Cloud Firewall logs every session to provide visibility to all users and all locations which means we have access to the information we need, exactly when we need it,” said Beattie.
Advanced cloud sandbox delivers inline detection, prevention and quarantine
Zscaler Cloud Sandbox is built on the Zscaler Zero Trust Exchange. The platform is based on a unique, breakthrough purpose-built proxy architecture for inline detection, prevention and quarantine for unknown attacks, including threats hiding in TLS/SSL traffic.
Driven by advanced Artificial Intelligence and Machine Learning, Cloud Sandbox stops patient-zero attacks with instant verdicts for common file types and automatic quarantine for high-risk unknown threats. As an integrated service in the cloud-native Zscaler platform, protections are continuously updated from more than 160 billion requests per day.
“Cloud Sandbox provides the assurance that users are always protected, irrespective of whether they are on or off the network,” explained Beattie.
Protecting all applications, anywhere and on any device
Not only does Zscaler deliver more than 175,000 unique security updates to the cloud every day but any threat detected in the cloud is immediately blocked. Automatic updates are far beyond what could be accomplished with appliances.
Tower’s core insurance platform is now cloud-based, which provides an additional layer of security. The advanced web protection provided by Zscaler means that Tower can download files when necessary.
“The biggest benefit of Zscaler has been knowing that employees are safeguarded if something goes wrong,” said Beattie.
“We have seen a significant reduction in malware incidents since we implemented Zscaler Zero Trust Exchange. Malware attempts are either blocked or sent off for analysis without impacting users, ensuring a continuous, seamless service.
“Ultimately, my mantra is focused on visible service but invisible operations, which is essentially what we get from Zscaler. Essentially, as a result of Zscaler’s security layers, which are ideal for virtual and remote workers, employees are able to work securely from anywhere without compromising the user experience.”
Ensuring a seamless transition to work from anywhere
Setting employees up to work from home at the start of the COVID-19 pandemic-with laptops, headsets, monitors and phones was a challenge. Once that was accomplished, however, the transition to work-from-home occurred without any interruption, largely due to the implementation of Zscaler.
Tower’s management overhead has been dramatically reduced with automated reports which provide key insights into malware threats, saving the IT team significant time. WAN congestion is easily managed through Zscaler, which prioritizes Microsoft 365 traffic over recreational or less critical traffic. At the same time, data traffic can be directed to a localized data center.
“Not only has Zscaler enabled a better user experience but we’ve also achieved efficiencies, as we’re now able to create a number of different security policies, all under one portal,” said Beattie.
Establishing a supportive partnership
The support of highly qualified technical experts has been key to the successful deployment of Zscaler at Tower.
“From the outset, I’ve been able to ask questions and have them answered by knowledgeable experts, avoiding the aggravation of being referred to a website to troubleshoot issues,” said Beattie.
“I’ve worked with a number of technology vendors in the past and I’ve never had the kind of relationship with them that I enjoy with Zscaler.”
Accelerating a Zero Trust journey
Part of Tower’s transformation process is a Zero Trust journey. Tower is considering full adoption of the Zscaler Zero Trust Exchange to further enhance security and user experience.
“We’ve extended our support agreement and there are definitely opportunities we’ll be considering in the future. We’re confident we won’t go wrong with Zscaler,” said Beattie.
A first for Fiji
Tower was the first insurer to provide a digitized insurance platform in Fiji, something that had not been possible in the past. The insurance company is currently creating digital platforms for all of its Pacific island customers and is working to help educate them about cyber-awareness.