S P E C I A L I S T I N S I G H T

Goal : simplify and improve security and user experience

Despite providing a cloud-based service , Mindbody had its share of traditional security infrastructure , including multiple virtual private networks ( VPNs ), making the environment complex for both users and IT . More importantly , security was increasingly insufficient for staying ahead of advanced threats .

“ Moving to 100 % cloud and allowing users to work from anywhere , we could no longer rely on on-premises technology such as firewalls and network intrusion detection to keep our users safe ,” said Michael Jacobs , Deputy Chief Information Security Officer and Senior Security Architect . “ And with VPNs , our users had free reign to access anything on the network . We needed a solution that provided modern , cloud-native security capabilities and a less complex , easier experience for both users and administrators .”

Ease of use leapfrogs the competition

In business for more than two decades , Mindbody has grown both organically and through acquisitions , thus increasing IT complexity along the way . To streamline and simplify operations , improve user experience and bolster security across this growing global enterprise , Mindbody evaluated a range of IT security solutions . The company decided to modernise by implementing a Zero Trust Architecture for building a Security Service Edge ( SSE ) ecosystem . After conducting a proof of concept , it adopted the Zscaler Zero Trust Exchange .

“ We looked at a wide range of products ,” recalled Jacobs . “ The ease of using the services within the Zero Trust Exchange , both for end-users and IT , simply blew away the competition .”

Secure , easy access to network resources

To provide Zero Trust Network Access ( ZTNA ), Mindbody implemented Zscaler Private Access ( ZPA ). Part of the Zscaler Zero Trust Exchange , ZPA connects users from anywhere directly to applications – without having to place the users on the network – providing fast , easy access while also minimising the attack surface and eliminating lateral movement .

Mindbody users have faster and easier access to the applications and network resources they need .

“ Users don ’ t have to worry about connection or Internet performance issues present with legacy VPNs ,” said Jacobs . “ They just log on and securely access the applications they need .”

Mindbody ’ s IT team also realises significant operational and productivity gains from reduced overheads .

“ ZPA deploys five times more quickly than traditional VPN solutions and we no longer have to manage physical devices ,” noted Jacobs . “ Plus , we liked that it provides default least-privilege access and is based on a cloudnative platform .”

Boosting security with posture assessment and more

With the granular role-based access policies that ZPA supplies , Mindbody now limits application access to only those that each employee needs to do their job . Prebuilt integrations within the Zero Trust Exchange also provide seamless connections to other solutions in the company ’ s security environment , such as single sign-on ( SSO ) and Multi-Factor Authentication ( MFA ). In addition , Mindbody gained device posture assessment – a capability it considered critical .

“ Along with user authentication , knowing the device security configuration state is a cornerstone of Zero Trust ,” said Jacobs .

Functionally , when a laptop or desktop user connects to a resource , ZPA automatically conducts a posture assessment to ensure that the device ’ s hard disk is encrypted , endpoint detection and response ( EDR ) agent is installed , and firewall software is enabled . ZPA also inspects mobile devices to make sure they are in compliance with corporate mobile security policies .

Furthermore , the implementation supplied the Mindbody security operations team with reporting capabilities and critical information for decision-making that were previously unavailable .

“ Using ZPA , we can see exactly which applications our users are connecting to at any given time and have visibility into connection trends , which assists in incident response and improves operational efficiencies ,” said Jacobs .

Rapid M & A onboarding and access to 700-plus applications

As the company has grown by acquisition , so has the number of configured applications , to more than 700 . By providing secure , easy access to applications and other cloud resources that newly acquired employees need , ZPA helps the operations team fully migrate new companies to Mindbody within a matter of weeks .

www . intelligenthealth . tech 49