securing-trust-with-zscaler
ESG OVERVIEW / governance

Securing Trust

As a provider of critical security services, we work to earn our customers’ trust every day.

We build this trust through the quality of our solution and by operating our business with the highest levels of integrity. Our approach includes robust governance structures, ethical business practices and policies, risk management, and a relentless focus on our core business competency of ensuring data privacy and information security.

As a provider of critical security services, we work to earn our customers’ trust every day.

We build this trust through the quality of our solution and by operating our business with the highest levels of integrity. Our approach includes robust governance structures, ethical business practices and policies, risk management, and a relentless focus on our core business competency of ensuring data privacy and information security.

Growth grounded in ethical business practices

Growth grounded in ethical business practices

From its inception, Zscaler leaders have recognized the importance of values, ethics, and doing the right thing for our customers and business. We expect all our employees to uphold a set of strong ethical principles, as described in our Code of Conduct. We comply with all applicable laws and regulations and fully address all compliance requirements. We constantly seek opportunities for improvement and evaluate and address risks as they arise.

Earning our customers’ trust through transparency and accountability

Earning our customers’ trust through transparency and accountability

Our customers entrust us with safeguarding their sensitive and critical information, so fostering partnerships built on trust, transparency, and accountability is central to our success. We are also committed to providing real-time platform status updates to our customers through our Trust Portal so that they’re aware of any potential issues that may disrupt their work. We are truly customer obsessed and understand that our success depends on our ability to continuously deliver innovative solutions while being open to feedback and acting on it.

Effective governance and ESG oversight

Effective governance and ESG oversight

Our corporate governance framework provides the controls and structure necessary to guide our rapidly growing business while building on our position as the recognized leader in zero trust security. Operationally, internal teams manage risk and provide updates to management and to our board of directors to ensure corporate responsibility.

Our board’s Audit Committee actively oversees risks, including those related to privacy and cybersecurity, among other responsibilities. Our Internal Audit Team continuously reviews company practices and policies to provide reasonable assurance they are in line with best practices and followed throughout our organization. Our board’s Nominating and Corporate Governance Committee oversees and evaluates our ESG policies, programs, and progress. Our ESG team works across our organization to set strategies and goals, build and embed comprehensive programs into operations, and track progress.
 

Managing risk in a rapidly changing world

Managing risk in a rapidly changing world

Our risk management processes are based on adhering to rigorous security, availability, and privacy standards so customers can adopt our services with confidence. We manage risks in critical areas of our enterprise through internal audits and assessments as well as implementing robust procedures and controls.

We regularly consider, review, and conduct drills to prepare for a wide range of potential threats. Our Facilities team has developed emergency response plans for our global offices and talent. Our Cloud Operations team ensures that our Zero Trust Exchange is resilient in the face of disasters or other unplanned emergencies. With more than 150 data centers globally, we build in redundant, dispersed fault tolerance wherever possible. 

Our approach to managing risk also includes certifying our solutions to internationally recognized commercial and government standards and accounting and planning for climate risk.

Our approach to cybersecurity risk

Our approach to cybersecurity risk

We use rigorous risk management processes to maintain the highest levels of confidentiality, integrity, and availability for our customers. Our solution is certified to numerous government and commercial standards, and we constantly evaluate and strengthen the security of our products as the threat landscape evolves. 

Zscaler’s Cyber Risk Management Group identifies and prioritizes protective measures across our products and enterprise while continuously driving improvements to our security approach as the threats evolve. Our in-house global threat research team—Zscaler ThreatLabz—monitors our cloud platform 24/7 to protect our customers from advanced cyberthreats. This team of 100 security experts also shares its research with the wider industry to promote a safer internet.

We have implemented security checks and reviews throughout our development life cycle, and our internal security teams and external auditors continuously evaluate our products. In addition, we perform regular vulnerability scans, risk assessments, and penetration tests to maintain the highest standards of security available.

 

Learn more about our approach to privacy here.

 

embedding-enviromental-efficiency-with-zscaler

Environment

Embedding environmental efficiency

enabling-possiblities-with-zscaler

Social

Enabling possibility for people

defending-against-cyberthreats-and-protecting-data-with-zscaler

Our impact

Modernizing security and protecting privacy