Concerned about recent PAN-OS and other firewall/VPN CVEs? Take advantage of Zscaler’s special offer today

Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Customer Stories

Must-Haves to Augment Your Zero Trust Architecture

January 16, 2024 - 5 min read

Must-Haves to Augment Your Zero Trust Architecture

With all the fluctuations in interest rates lately, working in the mortgage industry sometimes feels like a wild roller coaster ride. At Guaranteed Rate, we are navigating market volatility by constantly evolving and growing our business with new joint ventures, mergers and acquisitions, and additional financial service offerings beyond mortgage lending. With the expansion of our business, our IT environment has also changed, shifting from a traditional on-premises infrastructure with most employees working on-site to a cloud-first, remote work model. 

Operating a large business in general is getting increasingly complex. There are more people, more applications, and multiple clouds to manage. We currently operate 13 different companies and 500 offices across all 50 states, which means there is a great deal to protect. Like other financial sector organizations, we’re hyper-vigilant about safeguarding sensitive data and meeting tough compliance requirements. And we’re well aware that the financial sector is increasingly targeted by threat actors whose methods of attack grow increasingly more sophisticated by the day. Bad actors are using AI for phishing emails, engaging in ransomware-as-a-service schemes, and divvying up and optimizing different parts of the attack chain to collaborate with each another.

As CISO at Guaranteed Rate, I’m responsible for managing information security, technology governance, risk and compliance, and business continuity. It’s a lot to handle, and one of the ways I have found success in my role is to reduce complexity wherever possible. That’s why I have adopted a zero trust strategy for Guaranteed Rate and focus on implementing platforms over point solutions. I also partner with market-leading companies that are innovators in their space. We rely on vendors with proven technology to ensure we don’t fall behind in our digital transformation—especially in the critical area of cybersecurity. 

When it came time to make the shift to zero trust, we chose Zscaler as our trusted partner. The cloud-native, scalable Zscaler Zero Trust Exchange checked all the boxes: reduced security risk, a vastly improved user experience, lower costs, and far less complexity. With Zscaler, I can manage the policy I set across the entire enterprise from a single dashboard. I’m no longer dealing with multiple technologies from different vendors. This simplifies the environment from both an architectural and management standpoint and provides our company with consistent security across all users, devices, and locations. We’ve been really pleased with Zscaler and are in the process of expanding our implementation with products that I consider must-haves:
As part of our plan to strengthen our zero trust defenses, we’re leveraging Zscaler Digital Experience (ZDX) and Zscaler Risk360 which are part of the AI-powered Zscaler ​​Business Analytics portfolio.


Zscaler Digital Experience

We use ZDX to monitor user experience, identify connectivity and application issues, and resolve support tickets faster. ZDX gives us real-time, high-level insight into the performance of network connections and applications on user devices. When our people inform us that their connections are slow, the help desk can pull objective data from ZDX to pinpoint the problem. Often, it’s the connection to their internet service provider. 

ZDX helps us provide awareness and feedback to our users as to what they might be experiencing and why. It has also helped us to be more proactive from a support standpoint. For instance, if we’re getting an unusually high support call volume from a certain area of the country where users are having trouble accessing certain applications, ZDX helps us to identify the problem by seeing the patterns

Zscaler Risk360

Zscaler Risk360, a risk quantification and visualization framework, is an invaluable risk management tool. With the lean team we have, Risk360 helps us to prioritize our workload. Not all security challenges and their associated risks are equal. With Risk360, we can be more targeted in terms of where we spend our time so that we address the most important risks first.

Risk360 also helps create more transparency by giving us better awareness of where we might have potential blind spots. Through Zscaler Generative AI technology, Risk360 provides cybersecurity maturity assessments that leverage data from third parties to identify additional risk signals.

Zscaler Business Insights

Another part of the Zscaler Business Analytics offering we plan to implement is the Zscaler Business Insights dashboard. This tool ingests SaaS licensing data and user activity from the Zero Trust Exchange to report on SaaS inventory, usage, and spend across a broad footprint of offices, users, and applications. 

With our work environment changing dramatically in recent years from primarily onsite to mostly remote, this tool will enable us to visualize actual application usage at all our locations, including when the applications are being used by date and time, whether they are over capacity or under capacity, and opportunities for consolidation and cost savings. 

The data in these dashboard visualization tools is also useful for reporting and compliance. There’s also a new financial risk model feature in Business Analytics that ties security risk to financial risk. This helps a company like ours be more efficient in how we allocate our resources to reduce risk.

Zscaler Deception

We are really impressed with Zscaler Deception after testing it out and are planning to fully deploy it in 2024. Deception technology proactively lures sophisticated threat actors with fake or decoy passwords, cookies, applications, servers, and users to divert them away from sensitive resources. When an attacker uses one of the deceptive assets, they are identified and intercepted. We want to put more “canary objects” out there as bait for attackers to see what they might catch. 

I see this as a great way to add an extra layer of security against the most sophisticated threats without adding any operational overhead. Our team only gets notified if there are confirmed threats and breaches. We can also set up our zero trust access policies to dynamically cut off access to sensitive areas in real time if or when the canaries are used.

The bottom line is that, with Zscaler, our lean team can do more with less because the platform allows us to run our security program more efficiently. Zscaler requires only a fraction of a full-time resource to manage, and that’s a huge win. In my opinion, Zscaler is the one security technology stack to rule them all.

Read the case study to learn more about the Guaranteed Rate Zscaler deployment.

form submtited
Thank you for reading

Was this post useful?

dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.