Concerned about recent PAN-OS and other firewall/VPN CVEs? Take advantage of Zscaler’s special offer today

Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Products & Solutions

Technology as a Driver, Not an Inhibitor, of Change

November 19, 2021 - 4 min read

Companies striving to implement cloud applications that are always available, from anywhere, may hit several stumbling blocks. Often, they are held back by their existing IT architectures or IT budgets that are set from a purely technological perspective.

Digital transformation delivers far-reaching business benefits, which is how investments need to be justified. This means taking a long-term view, something that is backed up by findings from a KPMG survey of CEOs on how the pandemic accelerated digital transformation. The survey reveals that 31 percent of CEOs rated “difficulty in making quick technology-related decisions” the top challenge, while more than a fifth (22 percent) cited a “lack of insight into future operational scenarios.”

Most organizations take a familiar network-centric approach, which establishes a trusted network, as their starting point. As threats evolve, more security controls are added. However, now that users are accessing more applications from more locations and apps are moving from the data center to the cloud, the internet has become the corporate network. As users are routed across increasingly more complex topologies, networks become less efficient.

A benefits-led approach
Harnessing the benefits of the cloud involves transforming applications, the network, and security–but technology should not be the only driver of change. Digital transformation should take a business benefits-led approach encompassing drivers such as user experience, cost avoidance, reduction of complexity, and maintaining competitiveness.

Users want fast, reliable, and frictionless access to applications and services. Maintaining technologies designed to provide access to applications in the office and using different solutions for remote access can be frustrating. It not only impacts the user experience but reduces productivity. What’s more, multi-cloud environments increase security risks and complexity.

A legacy hub-and-spoke infrastructure model is complex and therefore costly. It also swallows up IT resources. Instead of backhauling traffic, users should be connected automatically to applications via the fastest access path. This user-centric, direct-connect model enables access to apps from all locations, avoids unnecessary costs, reduces complexity, and creates an agile, more competitive foundation for business.

Overcoming business hurdles
Such an approach paves the way for a completely new way of working, but it also challenges the status quo and requires a whole new mindset. Transformative initiatives like these are often paralyzed because it’s unclear how to get started and effectively manage the journey.

A common concern is that less emphasis on secure perimeter walls will reduce control and lessen security. Another common hurdle is visibility into internal applications, users, and the devices they use. It is common for organizations to feel more confident in their knowledge of the internet than their own networks.   

Zero trust is a case in point when it comes to overcoming business transformation hurdles. As a security initiative, zero trust can be hard to connect to a business objective, and harder still to tie to a delivery date.

Security initiatives are extremely important for comprehensive transformation. After all, businesses want to be cybersafe, but projects often get consigned to the back burner until an incident (such as a data breach) accelerates them to top priority.   

This is because security-driven transformation must effectively prove a negative and put a value on something that is intangible. Business cases charged with proving a return on investment can struggle to monetize the pain of a potential security incident. Yet, IT security can, and should, help organizations reach their business goals.

A consistent, secure access policy
Zero trust is a means to an end for improved user experience, reduced complexity, and enhanced security. It is certainly a transformative initiative and the time to embark upon it is before, not after, a security incident. Infrastructure change transforms operations, processes, customer service, and more, and security goes hand-in-hand with it.

Zero trust overhauls the approach that office-based and remote are two separate forms of access for users. Instead, a consistent, secure access policy replaces remote access and is applied wherever users work. This helps companies be competitive because it supports productivity and nimble ways of working in a hybrid world. As a welcome side effect, zero trust brings back the visibility of traffic streams, no matter where a user is located.

Instead of starting from technology and seeking to justify the business case, companies should consider transformation holistically with business objectives and benefits in mind. Before embarking on a major shift in applications and the way they are accessed through SaaS, a wider conversation about the business’ aims needs to take place. The resulting transformation program will not only address immediate needs and fix current problems, but also equip the business to handle the future.

For more on this topic, take a look at why today’s cloud-first, hybrid workforce needs a secure, zero trust foundation. You can also explore secure cloud transformation further in our CIO’s guide.

form submtited
Thank you for reading

Was this post useful?

dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.