Utilize GCP cloud-native services such as Cloud Interconnect, Cloud Router, and Private Service Connect as an underlay.
Manage access to multiple business units accounts in GCP through a single pane of glass.
Simplify management of stacks and dashboards, while improving visibility of traffic flow between endpoints, VPCs, and accounts across regions and data centers.
Ensure high-performance traffic encryption for network traffic.
Faster Time to Value
The company worked with Prosimo to help transform the traditional castle and moat architecture into a more modern Zero Trust model with a context-aware authorization framework for their cloud applications. Prosimo provided a cloud-native Zero Trust Network Access (ZTNA) solution, deployed with greater cloud agility and automation/APIs across multiple regions to a global user base spread across various geographies, and leveraged the defense-in-depth model to keep the threats away from their enterprise workloads.
Attack Surface Reduction
Prosimo worked with the company to significantly reduce the attack surface for their enterprise applications, DevOps and CI/CD pipeline tools, and collaboration apps with sensitive internal data using the Identity aware proxy that created an airgap between unauthorized access and their applications with inbuilt behavioral analysis engine led by machine learning and step up authentication.
Minimal Application downtime during Production Rollout
The company seamlessly rolled out a Zero Trust model with a well-planned migration strategy by moving critical apps first to Prosimo’s cloud-native transit without impacting the user experience and keeping existing DNS with bulk onboarding application domains using their existing DNS servers. This left the choice for cloud architects to migrate the applications in groups with minimal application downtime and change management windows.
Scalability and Performance
With Prosimo, the company could seamlessly scale up to support 20,000 users (including employees, contractors, and service agents), hundreds of concurrent user sessions, and over 2000 applications. At this scale, the company optimized the per-app performance through Prosimo’s proximity-aware routing to onboard users to the nearest cloud entry point and used application optimization techniques to improve the user experience significantly.
The fintech company partnered with Prosimo to accelerate the transformation to a Zero Trust Architecture (ZTA). Prosimo provided the company with a flexible remote access solution that optimizes performance, security, and user experience. Prosimo’s cloud-native approach enabled the company to quickly deploy the solution at scale without adding operational overhead. With Prosimo’s defense-in-depth security stack led by Machine Learning and data analytics, the company could reduce the attack surface significantly for their enterprise applications in the cloud.
With over 15 offices in different countries and 15,000 employees, a fintech company specializing in business software started streamlining and modernizing how employees and partners access applications. The company’s Security and Risk management department has been mainly focused on Zero Trust security, an approach in which all communications are validated, authorized, and access is strictly controlled for every user and device, regardless of whether they are inside or outside the network. This move to Zero Trust is driven by the need for secure and easy access to enterprise applications for remote workers, core business applications for customers and partners, increased cloud adoption in AWS, and new sophisticated attacks testing the limits of traditional VPN security solutions.
Furthermore, the company is embracing work style reform with a significant global presence where users are no longer confined to an office or on-prem locations. The company is empowering employees to work from anywhere — at home or in a café. While remote access has existed in one form or another for many years, it was never intended to be used extensively or as a primary means of connecting to enterprise applications. Also, user experience was never a priority as most users and applications “lived” in the exact location – the enterprise campus.
Regarding application access, the Head of the Information Security and Risk Management Department explains,
“Today, the definition of ‘workspace’ extends beyond just ‘the office’ to include spaces like our homes and coworking sites. In these times, we believe that a Zero Trust security environment is necessary for people to be able to work safely anywhere, anytime, and in the same sort of environment as if they were in the office. We must provide our employees with a new, unified UI/UX and support a more open work style. This means rethinking our approach to architecture and infrastructure. Security is a key focus, but we also need to take into account the ease of access with Single Sign-on (SSO) and passwordless authentication while still providing the most optimal access leveraging cloud backbone, Edge network location to reduce first, mid-mile latencies that we typically see with VPN over the Internet and ensuring integrated identity management. We are also using various cloud services to improve our efficiency, so we feel we need to manage and protect every one of our devices very closely.”