Zscaler Cloud Platform

ZIA Achieves Zero Trust Security-as-a-Service FedRAMP High Authorization

A federal building

I am proud to share that the FedRAMP Joint Authorization Board (JAB) has announced that Zscaler Internet Access (ZIA) achieved High Authority to Operate. This federal government certification represents the first-ever Secure Access Service Edge (SASE) Trusted Internet Connections (TIC) 3.0 solution to achieve FedRAMP’s highest authorization. ZIA now meets the stringent requirements of civilian agencies with high security requirements, as well as Department of Defense (DoD) and intelligence organizations.

Given that JAB only selects a limited number of cloud services for review each year based on government-wide demand, our selection validates the strength of our solution and demonstrated ability to help Federal agencies, the Department of Defense (DoD), and the Intel community strengthen cyber defenses using Zero Trust

We’ve seen tremendous digital transformation progress in government over the past few years, and with this transformation, new vulnerabilities are also on the rise. The attack surface is bigger, more complex, and harder to protect. Zscaler is leading efforts to implement Zero Trust solutions across our patented Zero Trust Exchange to make cloud environments safer across Federal Civilian agencies, the DoD, and the Intelligence community. 

This milestone builds on our announcement that Zscaler Private Access (ZPA) achieved DoD IL5 and more recently, Zscaler’s Digital Experience (ZDX) service achieved FedRAMP authorization. With these achievements, the Zscaler Zero Trust Exchange, which includes ZIA and ZPA, can secure the U.S. government’s data at the moderate and high impact levels. 

ZIA in action

Zscaler Internet Access – Government (Secure Web Gateway – vTIC)™ is a multi-tenant Cloud Security Platform known in the government that meets the Cybersecurity and Infrastructure Security Agency (CISA) TIC 3.0 guidelines. It has been the market leader as agencies work to meet modernization goals of shared services, mobile workforce enablement, improved FITARA scores, and more. Zscaler powers the shift to a modern, direct-to-cloud, Zero Trust architecture, regardless of device or user location.

The Zscaler multi-tenant Cloud Security Platform applies policies set by the agency to securely connect the right user to the right application. As a Secure Access Service Edge (SASE) service, the Zscaler Cloud Security Platform is built from the ground up to provide comprehensive network security functions. Unlike traditional hub-and-spoke architectures where traffic is backhauled over dedicated wide area networks via VPNs to centralized gateways, Zscaler routes traffic locally and securely to the internet over any connection or device from anywhere. The Zscaler SASE architecture shifts security functions to focus on protecting the user/device in any location, rather than securing a network perimeter. This ensures that users get secure, fast, and local connections no matter where they connect.

Moving to a security-as-a-service model decouples your organization’s security requirements from the responsibilities of maintaining infrastructure and updates.

Since achieving FedRAMP Moderate certification in 2018, Zscaler, a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE), a security-specific component in the SASE framework – has completed SSE deployments for more than 100 US federal government and federal systems integrator customers at the moderate impact level. Many of these deployments supported the requirements of the Executive Order 14028, including Zero Trust, and met TIC 3.0 use cases. 

ZIA Improves security controls – Keeping IT focused on innovation with TIC in the cloud per the President’s Executive Order

Federal IT leaders can improve on the who, what, where, when, and how they see, protect, and control user traffic to the internet by moving TIC security controls and other advanced security services to a cloud platform. The goal: immediate remediation on a global scale. This approach offers agencies global internet access and peering with FedRAMP-authorized applications. In addition, agencies can capture extensive log/telemetry data and store all agency data on U.S. soil with citizen-only access. Agencies can also provide the telemetry data to CISA’s Cloud Log Aggregation Warehouse (CLAW). With ZIA at the Moderate and High Baseline levels, agencies will have access to global TIC or more secure U.S.-only TIC solutions.

Achieving a Zero Trust model with the Zscaler Zero Trust Exchange

Through our Zero Trust Exchange and FedRAMP high solutions, all Federal agencies can achieve the Zero Trust goals mandated in the Cybersecurity Executive Order and implement CISA’s TIC 3.0 guidelines.

Most agencies will need to approach Zero Trust in bite-sized chunks, setting priorities based on their unique needs. Check out our Zero Trust Playbook for prescriptive guidance on key steps that can be taken over time, leveraging a security ecosystem to achieve the end goal of Zero Trust.

Zscaler ZIA will join with Zscaler ZPA High to offer the Zscaler “Zero Trust Exchange” completely at the High baseline. Zscaler is the first and only ZTA and SASE platform to be offered end to end at both moderate and high baseline.

Stay up to date with the latest digital transformation tips and news.