Americas

  • United States

Asia

Oceania

Mercury Financial gains a competitive advantage with zero trust

BrandPost By Zscaler
May 04, 20236 mins
Security

With many employees working remotely, Mercury Financial needed a solution to help find, troubleshoot, and correct user issues. Enter: Zscaler.

article 9 image istock 1401455311 fatcamera
Credit: FatCamera

A born-in-the-cloud company, Mercury Financial upholds a competitive advantage in the financial services industry through advanced technology tools that help its customers responsibly manage their credit and offer them credit as they’ve never had before.

Dedicated to continuous improvement through innovation, Mercury Financial recently transformed its traditional security architecture and built a risk-based, cloud-native security program. Its transformation overhaul was driven by three reasons: compliance with financial services regulations like PCI DSS, replacing traditional VPN technology to improve user experiences and traffic visibility, and strengthening security controls to its Amazon Web Services (AWS) environment.

To do this, Chief Information Officer Arjun Thusu decided to adopt a zero trust approach to protect against potential threats. This was the origin of their Zscaler Zero Trust Exchange™ implementation.

Thusu said, “The Zscaler Zero Trust Exchange platform provides a comprehensive methodology for zero trust for application access. We see Zscaler as a leader in this space because its comprehensive platform covers multiple facets of zero trust. To get the same functionalities we get from Zscaler elsewhere, we would have to deploy several vendor solutions.”

Unfortunately, many organizations resort to the alternative and deploy countless point products that waste budget and resources and often don’t play nice together.

Deploying Zscaler Internet Access to protect against today’s threats

Mercury Financial deployed Zscaler Internet Access™ (ZIA™) as part of its digital transformation initiative, which protects users from threats and enhances connectivity, regardless of where they work. With secure direct-to-internet and direct-to-SaaS connections, users enjoy an improved user experience when accessing web or SaaS applications like Jira for software development project management and Microsoft 365 for general business use.

The company relies on ZIA for threat containment through its artificial intelligence (AI)-powered capabilities such as phishing detection, C2 botnet and evasive threat detection, and suspicious website identification. In addition, Zscaler Advanced Firewall, which is part of ZIA, follows mobile Mercury Financial users wherever they go, providing full inline traffic inspection, detecting encrypted threats hiding in non-standard ports, and always-on intrusion prevention.

Alex Arango, Head of Cyberthreat Management at Mercury Financial, believes every device its users deploy should be protected like a data center. He adds that with the addition of an Advance Firewall to ZIA, Mercury now has a materially better posture needed to keep its users secure.

Replacing a clunky VPN with Zscaler Private Access

When the Covid-19 pandemic took the world by storm, the Mercury Financial team needed to act fast to move its entire workforce to VPN. The flows and risks inherent to this approach quickly became evident, including a poor user experience due to latency as well as repetitive logins and authentication. Unfortunately, the VPNs deployed proved unsustainable over the long term and needed more agility required for a distributed workforce.

Mercury turned to Zscaler Private Access™ (ZPA™) to replace its VPN. ZPA provides users, regardless of where they are, with fast, seamless access to private applications that run on AWS.

“For a remote workforce, ZPA offers a seamless experience, provides vastly improved protection, and reduces the support burden. Implementing ZPA was a resounding success! Executives and other employees can now get safe access anywhere their travels take them and across a myriad of devices,” said Chief Information Security Officer Anthony Cunha.

Integrations with Crowdstrike and Okta help streamline operations

Mercury saw the integration between CrowdStrike and Zscaler as a differentiator and a critical enabler for its zero trust strategy. Mercury Financial is taking full advantage of the Zscaler-CrowdStrike integration to facilitate threat intelligence and telemetry sharing and to broaden the scope of endpoint protection at the network layer.

For example, Zscaler incorporates the latest list of indicators of compromise (IoCs) detected by CrowdStrike, such as malicious URLs, and detects and blocks endpoints from threats by proactively blocking these sites.

And to further broaden its zero trust ecosystem, the company adopted many other Zscaler-integrated solutions, including Okta for user authentication and access level verification. The Zscaler-Okta Security Assertion Markup Language (SAML) integration authenticates user identities, allows users access only to authorized applications, and automatically provisions and deprovisions users as needed.

“With these Zscaler integrations, we can run our operation like an efficient multilane highway, with vehicles going simultaneously in the same direction and at the same speed,” said Jason Smola, Enterprise Security, and Infrastructure Architect.

Improved productivity and fast resolution times with Zscaler Digital Experience

With many employees working remotely, Mercury Financial needed a solution to help find, troubleshoot, and correct user issues. Zscaler Digital Experience™ (ZDX™) fits the bill perfectly, with its ability to continually monitor and provide root causes of SaaS-related problems.

Smola goes on to say, “ZDX has increased data insights, and this enables us to diagnose connectivity issues more easily. Our users appreciate it too because it makes them more productive by reducing the time required for the help desk to solve problems.”

Deployment made easy by Zscaler

One of the things that stood out for Smola during the deployment was the importance of having a strong understanding of the network before initiating this architectural shift. He and his team thoroughly identified their most critical and valuable data, assets, applications, and services. Once they had a good handle on that, the process was smooth and efficient.

Benefits gained by adopting Zero Trust

The Zscaler zero trust architecture has benefited Mercury Financial in numerous ways—from curbing threats by reducing the attack surface to increasing the efficiency of the small security team.

“Zscaler zero trust has allowed us to carve out our entire infrastructure into insolated segments so that the extent of compromise is minimal. If an attacker gains a foothold in our stack, instead of affecting 20 servers, it only affects one. In addition, it reduces our blast radius and the potential infection of east-west movement, so our ability to remediate has soared exponentially,” said Smola.

Since the ZTE deployment, Mercury Financial has had zero downtime due to malware or ransomware. Additionally, the IT team has seen a significant reduction in support tickets and the user experience.

The team also points out that Zscaler has made them more efficient and given them greater peace of mind.

Like what you read? Are you ready to start your transformation journey with Zscaler? If so, request a demo to see how Zscaler closes security gaps and helps you safely move to the cloud.

The information in this document is published for informational purposes only. Views expressed herein are not intended to be and should not be viewed as advice or as a recommendation. Any opinions expressed in this document and related links are the opinions of the individual author and may not reflect the opinions of Mercury Financial. This document may contain links to other third-party websites that are only for the convenience of the reader. Mercury Financial does not recommend or endorse the contents of the third-party sites.