Advance Zero Trust Security

By coupling Beyond Identity's strong, risk-based multi-factor authentication with Zscaler’s Zero Trust Exchange platform, organizations can finally achieve high levels of confidence in their users–their identity and their devices–and broker secure and intelligent access to their applications and data, eliminating the vulnerabilities exploited by hackers today. Together, Beyond Identity and Zscaler are advancing Zero Trust Security.


Hi, I'm Kurt Johnson, Vice President of Strategy and Business Development at Beyond Identity. And I'm here to talk to you today about the partnership and integration we've developed with Zscaler, one of the leaders in Zero Trust Network Access to bring the world's of network-centric Zero Trust and identity-centric Zero Trust together to help our customers on their journey to a full Zero Trust architecture and ecosystem.

As I mentioned, you know, Zero Trust is talked about in many different ways and emphasis on different aspects and there's the world of network-centric Zero Trust. This is what Zscaler has established themselves as a leader in this area, and essentially it still starts with really understanding identity and policy as the way of gaining connectivity into that network environment. It also offers strong advantages that the applications are invisible even though they reside and live out in the cloud and out on the internet.

The ability of leveraging the Zero Trust exchange from Zscaler can make those applications invisible and using a proxy-based architecture to provide connectivity to those applications and the visibility of the traffic that exists. You mirror that with the world of identity-centric Zero Trust. Which has really focused heavily on the "who" is gaining access, the identity. whether that's a human identity or a machine identity, really understanding "who" is behind that identity, what role do they play in the organization, what permission should be granted around access to various resources, higher risk, lower risk applications based on their role.

Looking at their location, looking at all these signals to truly, truly help us understand who that individual is and leveraging forms of authentication to prove that that individual is who they are and authorization rules to determine what are they allowed to do once they gain that access. At the intersection here is where we're really seeing a strong emergence to help working together to help organizations truly understand the "who" and "what" is gaining access to these critical resources. Which is essentially behind Beyond Identity and our password lists unphishable authentication platform that we can help bridge that intersection to really help organizations understand who and what is gaining access to these critical resources by cryptographically binding identity and device together to provide the highest level of assurance and trust around who's gaining access to all these applications integrated into identity providers platforms, SSO, PAM.

To really understand and link to the variety of applications and resources our users are gaining access to. Every authentication request where the Beyond Identity Authenticator resides on that device is enabling the frictionless log-on experience, but also capturing the device security posture at the point of authentication. Working with Zscaler, we can take that one step further. For those customers investing in Zero Trust Network architectures, leveraging the strength of Zscaler and their Zero Trust exchange.

First and foremost, we can ensure proper authentication into an environment running Zscaler, whether it's via an IDP or independent of an IDP, providing direct integration which enables Zscaler to understand the identity and the device security posture at the point of authentication. But one of the strongest benefits of bringing us together when Zscalers, when the Zscaler client connector is also running on that device, we can help customers bridge that gap and take it even further with their ability to authenticate and enforce policy at the point of authentication, but also more importantly, on a continuous basis where that user is authenticated into this environment.

We've assessed that we know who that user is that the device meets security posture and we've given them access, but Beyond Identity is running on this continuous basis.` And let's say something has changed on that device, something- maybe a user turned off the firewall or turned off disc encryption and it violates policy. We will actually send that signal of some sort of change on that device to Zscaler. Zscaler can then terminate the user session taking them off that environment, disabling that access and then require that that user force a re-authentication into Beyond Identity.

So now the signal comes in, that user has been disconnected they're being asked to authenticate themselves and until they bring that device back into policy they will not be granted access. So we can provide the basis of continuous authentication on the user and that device and more importantly, enforce that. Working together to bridge this gap to provide the highest level of confidence and assurance but also protection for your organizations.

So together, really understanding "who", the identity behind that, the device, and then bridging together to provide the basis for continuous authentication. We're here to work together as partners to help you on your journey to Zero Trust. Thank you.