Inter Accelerates AI Innovation, Reduces Risk Exposure by $4.25M/Year with Zero Trust

How a bank’s migration to a global digital-first model ignited innovation and rapid expansion

Established in 1994, Inter began as a traditional bank in Brazil with 100,000 customers. More than two decades later, it migrated to a fully digital model. This sparked a bold move to adopt the cloud for its core operations to increase agility, create a seamless customer experience, and facilitate faster innovation and go-to-market initiatives.

Today, Inter serves more than 41 million customers across Brazil, Argentina, the US, and other regions. With a broad financial and nonfinancial product portfolio, it has evolved beyond banking into an ecosystem company, exemplified by its popular Super App, powered by 135 AI models. The app includes access to an online marketplace where customers can purchase everything from groceries and clothing to airline tickets and its popular financial products.

“We have millions of customers and billions of operations and transactions. The challenge is not just to launch new products, but to create value and new experiences for our user base through innovative technology and trusted partnerships,” said CISO Lucas Bernardes. 

Zero trust for a data-intensive and high compute load environment

Meteoric growth through M&As and innovation spawning new products and services ushered in an increasingly complex infrastructure. It consisted of a multicloud environment (AWS, Azure, and GCP), on-premises data centers, virtual machines (VMs), and containerized workflows.

The demands on the infrastructure are massive. The web gateway typically records 18 million daily logins and processes up to 27 billion requests per month. More than 4,000 employees and 3,000 contractors around the globe require rapid, efficient, and secure access on a daily basis. In addition, the organization has approximately 3,000 workloads running in the cloud and processes 33 petabytes of data. 

Inter’s large-scale infrastructure and heterogeneous technology stack created significant integration and risk management challenges. Cyberthreats, such as ransomware and DDoS attacks launched by organized crime rings, created an urgent need for real-time visibility and responsive controls. The disparate environment required unified visibility and consistent policy definition and enforcement to maintain 24/7/365 uptime.

“Our digital-first model reshaped our environment, and we realized that we needed to balance rapid expansion and the speed of innovation with a robust security posture. Zscaler enables us to be both fast-moving and secure. It made sense to adopt the Zscaler platform to implement individualized security controls for every person and workload, regardless of geography,” said Bernardes.

The decision to adopt a zero trust approach was a turning point in Inter’s security-first modernization initiative. Bernardes and the larger Inter team—including Cyber Security Executive Manager Orlandino Neves and Security and Compliance Analyst Pedro Oliveira Ramos—leveraged Zscaler to implement a security modernization and maturity strategy that includes these areas of focus:

• Enhanced security for workloads deployed in multiple clouds
• Seamless, high-performance zero trust access to apps and the internet for users
• Consolidated data security, including SaaS and AI data usage controls
• Full visibility across the entire environment and a risk-aware mitigation plan to strengthen cybersecurity resilience

Securing AI development workloads at scale across the multicloud

The first priority in Inter’s zero trust journey was securing its fast-paced public cloud development environment that relies heavily on AI tools. 

“We want to give our developers as much freedom as possible so they can develop and launch new products as fast as possible. It's like the Autobahn in Germany—you want to make sure vehicles can go at speed and do so safely. We turned to Zscaler to put the necessary guardrails in place,” explained Bernardes.

The team deployed Zscaler zero trust in AWS to gain rapid visibility and secure workload connections. The rollout started in a small non-production environment and then scaled up to the main AWS cloud and other platforms and geographies. Zero Trust Cloud applies zero trust connectivity, along with TLS/SSL traffic inspection and other advanced protections, to secure Inter’s cloud-to-internet and cloud-to-cloud connections across its entire public cloud environment.

With real-time visibility from Zero Trust Cloud, the security team now has a view into AI workloads and developers who are circumventing controls. Zscaler replaces inconsistent access rules and legacy controls and provides truly adaptive cloud security. It enables rapid response and block/allow policy enforcement—with far less friction than legacy firewalls. 

Zscaler Microsegmentation is central to robust cloud security overall and faster, more streamlined M&A integrations through granular risk analysis. Microsegmentation secures workloads by preventing lateral movement of threats while simplifying the network architecture, especially when environments from new acquisitions are introduced. Fine-grained visibility into workload communication and least-privileged access models for server-to-server and app-to-app connections are critical as Inter continues to fuel growth through acquisition.

“Zscaler’s comprehensive platform can solve any user or workload connectivity use cases during M&A integration, in addition to their data security and cyber protection stack. It gives us insights not only into egress and ingress traffic, but also east-west traffic across VMs, Amazon Elastic Compute Cloud (Amazon EC2), and on-premises servers. This enables us to create rules based on what we can see in the platform. It is so much easier than we imagined,” said Bernardes.

Zero trust access at the speed of business for users anytime, anywhere

With thousands of globally distributed users—employees, partners, developers, and third-party contractors—secure, seamless connectivity is vital for maximizing productivity and delivering uninterrupted service to customers. 

Bernardes and his team deployed Zscaler Internet Access (ZIA) to protect all users, regardless of where they work, through full TLS/SSL traffic inspection and identity-, role-, and context-based access policy enforcement on all traffic to the internet and SaaS apps. To secure internal apps, they replaced their legacy VPNs with Zscaler Private Access (ZPA), providing fast and secure zero trust access to private apps across AWS, Azure, and GCP without ever placing users on the network. 

“Zscaler’s granular controls ensure that the right users have access to the right resources at the right time and at the speed of business. Compared to our cumbersome traditional firewalls, Zscaler is more dynamic and intuitive, both for IT and security teams and users,” said Bernardes.

Neves added that, “With Zscaler, we can immediately restrict or enable access for privileged users and external partners—that wasn’t possible before.” 

As an alternative to traditional firewalls, which are not built to protect cloud traffic, Inter deployed Zscaler Cloud Firewall to inspect 100% of web and non-web traffic on all ports and protocols. Zscaler Cloud Sandbox was added to isolate and analyze zero-day threats in real time and keep them from infecting endpoints. 

To further ensure productivity and user satisfaction, the team deployed Zscaler Digital Experience (ZDX), which provides continuous performance visibility and identifies root causes of connectivity problems, enabling faster time-to-resolution. 

Unified data security everywhere

With the increasing volume of sensitive data in use across multiple geographies and cloud platforms, SaaS apps, endpoints, and more, Inter needed unified, pervasive data security. To enable expansion, support rapid AI innovation, maintain regional compliance, and ensure customer trust, Inter turned to Zscaler.

“With the right foundation, we could attract more projects and more investments—meaning we could attract more customers and more revenue. But securing our data with Zscaler is also a cost reduction project for us. Breaches come with legal fees, regulatory penalties, and decreased revenue resulting from reputational damage and erosion of customer trust,” said Oliveira Ramos.

Previously, Inter had a basic set of point solutions: standard data loss prevention (DLP), endpoint DLP, email DLP, and a siloed data security posture management (DSPM) tool. The team realized that these legacy data security products offered limited visibility and resulted in security gaps. They constantly grappled with shadow data sprawl across IaaS, SaaS, endpoint, and unauthorized GenAI apps. 

To determine precisely where Inter needed to close these gaps, the team audited all data channels to identify where sensitive information was stored and in use. The “Project Data Dome” initiative made it clear that Inter needed scalable, context-aware adaptive controls to accommodate its evolving digital footprint. Its global operations also required precise, auditable controls to maintain adherence to stringent regional data privacy regulations.

“Zscaler guided us in creating a vision of what good data security should look like. It’s the only solution that gives us unified adaptive protection across our entire environment, regardless of which cloud or SaaS environment we’re using,” said Oliveira Ramos.

And what does “good” look like? Zscaler Data Security unlocks visibility, comprehensive protection, and policy enforcement of diverse data types across channels, devices, and locations—all under a single, unified pane of glass. 

“Zscaler secures global collaboration and provides visibility and data usage policy enforcement for all SaaS apps in alignment with specific regional compliance mandates. This is an essential enabler for our global expansion strategy,” said Oliveira Ramos. “CASB allows us to use SaaS at scale without worrying about shadow IT—every app is accounted for.” 

Oliveria Ramos and team also deployed Zscaler DSPM, which classifies and identifies sensitive data and access across public clouds, SaaS, AI and large language models (LLMs), databases, and VMs. It assesses risk by tracking vulnerabilities, misconfigurations, and unauthorized or excessive privileges. 

“Before Zscaler DSPM, locating sensitive personal data in our cloud environment was almost impossible. Now, we have 100% visibility. If a workload with critical data is exposed, DSPM gives us real-time alerts, enabling us to detect and close the gap before anything happens. We’ve reduced detection and containment time dramatically—what used to take days now happens in minutes,” said Oliveira Ramos.

Oliveira Ramos noted that DSPM and AI-SPM also provide deep scanning into sensitive data usage in AI models to prevent oversharing, accidental exposure, and potential compliance violations. 

“Our AI environment is evolving really fast. We have a number of private LLMs deployed within Claude on Amazon Bedrock, and that number can change every week. Zscaler's DSPM and AI-SPM give us more visibility into the data used within those AI models and tell us if there's any associated risk." Oliveira Ramos explained.

Operational efficiency goes hand in hand with improved risk management

The sheer scale of Inter’s environment requires a new level of security efficiency and intelligence. Zscaler Risk360 gives a holistic, real-time view into top risk factors across Inter’s environment. The actionable insights and guided workflows help teams implement zero trust policies that mitigate these risks quickly and effectively.

“We are currently focused on how to have strategic conversations with our executives about cyber risk. Through Risk360’s reporting, we can give them a clear perspective of where we are right now, our benchmarks, and how we compare to other companies,” said Bernardes. “Risk360 also maps risk to potential financial losses to help guide decisions about future security investments.”

Risk360 has demonstrated the impact of Inter’s larger security-first modernization efforts by quantifying cyber outcomes, including avoidance of potential financial losses and overall risk reduction. Improvements made within Zscaler are poised to decrease annual risk exposure by $4.25M. Additionally, Inter has now more than doubled its defenses against malicious behaviors, achieving a 113% increase in coverage as benchmarked against the CIS Critical Security Controls framework. 

To further enhance risk management, the team will soon be implementing Zscaler Unified Vulnerability Management (UVM), which leverages an aggregated and correlated data set to gain insights into which security gaps need to be mitigated first. Automated vulnerability aggregation and prioritization, as well as streamlined remediation at scale will eliminate manual effort and allow teams to respond swiftly to high-priority risks.

Zscaler’s consolidated platform also enables policy updates across Inter’s environment in just seconds while reducing tool sprawl, analyst onboarding friction, and administrative labor for the growing security team. 

Zero trust: A secure path to expansion and accelerated innovation

Zscaler fully supports Inter’s vision for growth, agility, and secure digital transformation on a global scale. By consolidating security controls, securing the multicloud, and providing actionable intelligence, Zscaler has accelerated the organization’s business outcomes and operational maturity.

Zscaler also plays an important role in accelerating innovation. 

“Security isn’t just a checkbox for us. It’s how we launch new services, work with partners, and expand globally. In our software development process, we integrate Zscaler’s zero trust controls with continuous integration and continuous delivery pipelines to ensure that every update and release is checked for risk,” remarked Neves.

Bernardes also pointed to how Zscaler helps reduce operational expenses and complexity while improving employee retention.

“It’s not easy to find and retain talented security analysts in today’s competitive market. Zscaler’s easy-to-use, unified platform eliminates the need for our analysts to learn and juggle multiple unintegrated systems. Zscaler has helped us significantly lower our training costs while boosting job satisfaction—and that makes a huge difference for us as we continue to expand our global footprint,” he said.

Oliveira Ramos went on to explain how Zscaler’s robust and comprehensive data security contributes to Inter’s reputation of trustworthiness. It allows the bank to avoid costly noncompliance penalties, prevent breaches, and attract customers and investors, which translates into increased revenues and funding for new initiatives.

“Zscaler is a key part of our strategy. The security guardrails it provides enable us to grow faster, make new products available to our customers, and provide simplified and secure connectivity to assets for our global users,” said Bernardes. “Our partnership with Zscaler has empowered us to confidently scale services to millions of customers, solidifying our position as a digital finance leader and ecosystem innovator.”