“Within 18 days we were able to scale up and support more than 90 percent of our users in order to support activities, keep productivity high, and keep businesses running with the resources supplied through ZPA. This identifies efficiencies not only in our internal processes but also in the tools we utilize. That is definitely the partnership and relationship Zscaler provided for us.”
– Randy Herold, CISO & CPO, ManpowerGroup (hear the full story in a new webinar with ManpowerGroup)
Organizations have had to quickly adapt in response to the COVID-19 pandemic. Helping employees maintain productivity remotely can be challenging, from setting up remote office space and providing device choices (managed or BYOD) to allowing flexible schedules and providing secure access to data and applications.
Traditionally, IT teams have relied on virtual private networks (VPNs) for remote workers, as a typical pre-pandemic remote workforce consisted of a fraction of all employees who generally were not logging on at the same time.
In this model, remote devices are placed on the corporate network using a VPN to backhaul traffic from the user’s remote location to an inbound gateway hosted within the company’s data center, where the applications would typically reside. As the pandemic emerged and employees began working at home in vast numbers, IT teams aimed to scale quickly by increasing their VPN seats, significantly increasing their budgets in the process.
However, many companies discovered problems with this approach. One problem is from the users’ standpoint: backhauling traffic from remote users to data centers often results in complications (such as dropped connections and repeated logins) and latency, leading users to bypass the VPN thereby defeating the purpose of deploying it in the first place. Another problem is on the IT side: VPN appliances must be managed and patched frequently to prevent them from becoming vulnerable to attack. There have been many recent reports of security holes and bugs detected in VPNs, one of which required more than 800,000 appliances to be updated and patched. VPN appliances are known to increase an organization’s attack surface, and the more you have, the greater the risk.
Since the beginning of the pandemic, cyberattacks in general have increased, and so have attacks on VPNs. With so many people seeking information to keep themselves and their families safe, attackers are using this opportunity to plant malware in links and applications and carry out attacks such as Windows server exploits, remote code exploits, social engineering, and ransomware attacks. Workers who are unaccustomed to working remotely, or are not used to VPNs, have fallen prey to VPN exploits. In one instance, Twitter employees were lured into giving out their VPN credentials. This request didn’t seem out of the ordinary for the users, given the issues they’d been having with VPN use.
ManpowerGroup took a different approach
ManpowerGroup is one of many organizations using the pandemic to look into long-term, pandemic-proof secure solutions. We had the opportunity to chat with Randy Herold, CISO and CPO of ManpowerGroup, to understand the company’s success in providing secure access to employees and quickly adapt to a remote workforce.
ManpowerGroup is a world leader in innovative workforce solutions connecting people to meaningful work across a wide range of skills and industries. ManpowerGroup was already on its journey to digital transformation, but Randy and his team found they had to accelerate it to accommodate the “new normal.” Randy explains that what would have taken the company 18 months to deploy was decided on and implemented in 18 days due to the urgent need for employees to work remotely at full capacity.
Previously, ManpowerGroup used VPN for remote employees, which comprised only a small portion of the company’s workforce. Varied VPN protocols across the company’s global workforce had to keep up with security patches to prevent cyberattacks. Randy describes implementing those security protections as an “operational nightmare.” Randy and his team were looking for a unified solution that would also improve user experience for more than 30,000 employees worldwide.
In its quest for a cloud-driven environment, the company implemented Zscaler Private Access (ZPA) to provide the ability to support multicloud environments with a single ruleset. This decision resulted in flexibility and reassurance that security protections would be in place regardless of the cloud or on-prem solutions employees were accessing.
Learn how ManpowerGroup enabled a fully remote workforce with ZPA and the business value that ZPA has brought since implementation.
Watch the Webinar featuring Randy Herold, CISO and CPO, ManpowerGroup
Kanishka Pandit is a product marketing manager for Zscaler Private Acces