With pipelines delivering natural gas to over two million customers across Arizona, Nevada, and California, maintaining a safe and secure system is paramount for Southwest Gas Corporation (“Southwest Gas” or “Company”). With the COVID-19 pandemic, the Company supported employees’ desire to work remotely, and quickly took the initiative to optimize security to support a hybrid workplace. A coordinated and integrated approach to security was necessary to support and secure this transitional dynamic, while ensuring ease of management across such a wide service area of remote users.

To reduce the technology footprint in the Company data center, a zero trust architecture cloud strategy was adopted, and it continues to play a key role in achieving measures from both a compliance and security perspective.

For those leading digital transformation initiatives in their organizations and seeking a smooth transition, we share the following strategies and tips.

Communicate the vision to gain user acceptance

One of the opportunities we identified was clearly communicating to our users how the transition process to zero trust would result in a new way of accessing cloud resources and administering security. We were provided an account executive at Zscaler who clearly articulated the benefits of transitioning our legacy infrastructure to zero trust. This helped us to address stakeholder questions and elaborate on how the new system would provide a more enhanced and secure user experience.

We communicated with stakeholders how Zscaler would replace the client VPN and our security stack to the cloud, minimizing network issues. This garnered support for the project from stakeholders from a productivity standpoint.

Document security controls ahead of time

To assist in a smooth transition, we documented our security controls in advance—and would recommend this measure to others. For example, by documenting data loss prevention (DLP) policies in advance, during deployment you can expeditiously migrate them to your zero trust architecture. The same methodology would apply to a cloud access security broker (CASB) and application segmentation security controls.

Understand your use cases

Prior to deployment, we suggest you garner a thorough understanding of all use cases. As our company transitioned to remote work during the pandemic, several “nice-to-have” processes were permuted to required business practice.

We recommend performing due diligence for all potential use cases and discerning how many of them your zero trust platform will accommodate. For our project, Zscaler accommodated the majority of our use cases.

Take a phased approach to deployment

Delineating the steps you’ll take in your deployment process should occur up front, during the “preparation phase” of the deployment. What follows is the “replacement phase,” as processes mirror a one-for-one replacement: setting up DLP rules, firewall, SSL decrypt, and items of similar nature. Our team chose to utilize Zscaler as a client access tool, and, only recently, has started migrating workloads to the cloud.

The third phase is the “integration phase” with other applications. We elected to integrate Zscaler with Duo for multi-factor authentication, with Splunk for analytics, and Microsoft Azure AD for identify protection and management.

With our integrations set up, we’re in the final “tuning phase” and anticipate deploying some of the additional technologies and features that Zscaler offers including segmentation within our servers, applications, and network layers, as well as deploy a role-based access enabling regulated access to applications and data paths by department.

Call on the professional services team when you need extra help

During the initial phases of our deployment, we met daily with our professional services team which contributed to a successful implementation.

Given our project's expedited time frame of two months, we were pleased with the results achieved utilizing Zscaler and the knowledge base their team provided throughout implementation.

To learn more, read the case study.