Instead of VPN: Zscaler introduces "zero-trust" SIMs for IoT devices
Zscaler's new zero-trust SIMs are designed to better secure production technology and IoT devices. And an AI application is designed to predict attacks.
(Image: oatawa/Shutterstock.com)
- Bruno Stoemer
Security provider Zscaler presented Zero Trust SIMs in The Hague at the European offshoot of its annual conference. These are used to ensure secure connectivity for mobile IoT and OT devices via the Zscaler platform.
With the Zero Trust SIM cards, Zscaler is addressing a known security gap: securing the connectivity of devices that are outside the traditional corporate network infrastructure and therefore not directly under the control of IT security departments. Instead of routing traffic through networks with VPNs and firewalls in the data center, the Zero Trust SIMs enable bidirectional communication where all data packets are routed through the Zscaler platform. According to the manufacturer, this solution not only provides increased security, but also significantly reduces latency and eliminates the need for expensive and complex hardware.
Customers are to receive a comprehensive overview and control of all data traffic on the user interface of the Zscaler portal. It is also possible to apply security policies: The policy engine can be used to define specific applications that can be accessed via the SIMs, while unauthorized access is blocked. According to the manufacturer, all standard products from other well-known providers are compatible, in addition to Zscaler's own SIM cards. The technology is already being tested by selected customers, but is not yet publicly available.
With AI against future attacks
An AI-based application for risk analysis called Breach Predictor was also presented at the event. The tool draws on extensive security data provided by the manufacturer itself - including threat scores and risk assessments of users and devices – to reveal potential attacks in real time. In contrast to traditional systems such as SIEM, SOA or XDR, which primarily analyze past incidents, the Breach Predictor is designed to forecast future attacks and their impact.
The system does not require manual rule definition or hypothesis generation - it automatically identifies and evaluates threats and provides context-based recommendations for better protection. This feature is designed to enable security teams to take targeted action to improve the security posture based on the organization's current business policies and security requirements.
Also worth mentioning is a simplification in the management of Zscaler's security products for administrators. While the Client Connector already offered a unified user experience on the front-end side, administrative functions were previously spread across different consoles - these have now been consolidated on the back-end side as well. IT administrators can now manage all applications via a central user interface, which should significantly improve efficiency and clarity.
(olb)
