Modernizing enterprise digital infrastructure takes time and focus. Transformation may begin with a top-down mandate, or with a network engineer who’s hatched a brilliant idea, or it may be necessitated by marketplace demands. Regardless of the original impetus, “there are many paths to reach the same goal,” as the old adage reminds us.
During our latest Executive Connect Live, The 3 I’s of Successful Zero Trust Projects, I had the privilege of sitting down with two pioneers of zero trust security: Alex Philips, CIO of NOV, a Zscaler customer, and Craig Clay, former Lead Connectivity Architect at Shell and Zscaler CXO Advisor. Over the five years I’ve worked with Alex and Craig, we’ve had many conversations about strategies, obstacles, and opportunities on the long road to secure digital transformation.
There are a multitude of factors influencing transformation initiatives, but the successful ones share some basic tenets. During our panel, Alex and Craig discussed the characteristics that successful projects have in common: incrementality, interoperability, and integration.
NOV starts with small changes to build incrementally towards its transformation goal
For NOV, a multinational energy solutions and services provider, the impetus for digital transformation was sparked by a downturn in oil and gas demand that reduced budgets. At the time, Alex was newly promoted from CISO to CIO and realized his company couldn’t afford to continue down the same path. NOV’s traditional vendors were not providing optimal solutions. Alex asked his team: What should we do differently?
A network engineer responded with an idea that was outside the norm. She recommended moving the security stack to the cloud rather than continuing to pay the high costs of on-premises security in the data center. With minimal disruption, the team eliminated its edge security appliances. This incremental change launched NOV on its zero trust journey.
From there, NOV turned to the Zscaler Zero Trust Exchange to route traffic from branch offices directly to the internet, saving millions of dollars on infrastructure costs.
“I think we’ve realized more than $6 million in savings at this point, and we're still seeing cost reductions, Alex said. “Transformation is often an iterative process, and often you don't even recognize you’re ready for the next step until you have the basic pieces in place. With the Zero Trust Exchange, the foundation is there to allow for growth, and that is what I really appreciate about Zscaler,” he noted.
Placing confidence in cloud security and a phased deployment
During his time at Shell, a UK-based global oil and gas company, Craig's critical question was: “How can we do more with less?” The company was preparing to roll out Microsoft Office 365 company-wide, and his team needed to quadruple the available internet bandwidth without a massive increase in operating costs.
At the time, it was a big shift to forgo on-premises proxies and instead invest in bandwidth. With six weeks to plan and six weeks to implement Office 365 across the organization, Shell and their MSP AT&T quickly implemented Zscaler Internet Access (ZIA) to provide efficient, secure access to Microsoft SaaS applications. “A lot of us felt like our careers were on the line with the success or failure of this effort. We bet the ranch on this,” he said.
The team took a phased approach. They began by rolling out Zscaler one small user group and use case at a time, testing for issues along the way. The success of the Office 365 launch enabled Craig and the extended Shell team to expand its use of the platform with internet localization and guest wireless. They continued the transformation process, adding more bandwidth as required to accommodate migration to other SaaS applications like Workday and ServiceNow.
Prioritize interoperability across technologies to maintain the user experience
To reduce technical debt and modernize IT at the 162-year-old company, NOV prioritized security solutions with a high degree of interoperability with existing systems. “Large complex organizations like NOV are always going to have a lot of different platforms, and Zscaler is mature enough to interoperate with NOV’s different stacks, which is crucial because there’s no such thing as only one platform in our environment,” Alex said.
We discussed the importance of coexistence between platforms to avoid interrupting the user experience. Alex is navigating that balance now as his team is creating specific routes and rules following zero trust principles to replace NOV’s site-to-site VPN with Zscaler Private Access (ZPA) for access to private applications. “Interoperability is critical because we can’t just make the change overnight. We’re slowly putting the pieces in place, but everything still must work along the way,” Alex explained.
Integrate silos across IAM, operations, endpoint, network, and security
During our conversation, we observed organizations’ tendency to begin their digital transformation journey with a strategic integration, as Shell did to support Office 365 and other Microsoft applications. Craig pointed out that “…the tight integration between Zscaler and Microsoft and the advantages gained by ZIA service edges placed near Microsoft has significantly improved our performance.”
As organizations move further along the path towards modernization, they build the groundwork for more advanced capabilities such as integrating identity access management (IAM) and device trust into access decisions. Selecting strong platforms that integrate well with each other can result in cost savings, increased performance, and easier dashboard management.
NOV looks to advanced integrations to take its program to the next level of protection.“We’re excited about Zscaler integrating with IP address management solutions to detect when changes happen and profile devices automatically. Advancements like that will be hugely important to us as we move forward and think about our networks and what's worked in the past and what will work in the future,” Alex said.
Executive advice on how to navigate a successful digital transformation
Alex and Craig began their modernization efforts with small, incremental steps, looking for interoperable technology, and integrating solutions to leverage shared strengths. Before we wrapped up, they shared some final advice:
- Don’t try to boil the ocean: Break projects into small chunks for quick wins, which help build confidence in your decision.
- Explain the why: When you’re asking for things to change, start by explaining the logic behind the ask and you’ll get more buy-in from cross-departmental stakeholders.
- Try new things: Craig and Alex advise forging tight relationships with your chosen partner to provide feedback and fine-tune your implementation to meet your specific requirements.
- Building a zero trust architecture is a team sport with many different suppliers in different domains: Make sure the supplier ecosystem works together, and think through these integrations with a long-term view. Create a five-year roadmap to achieve your goals.
- Find a partner that listens to customer requirements and works to meet them: Flexibility in vendor partners is key to sustaining success.
What to read next
The 3 I’s of Successful Zero Trust Projects [Linkedin Live On-demand video]