Revolutionizing network security: Gray Television’s digital transformation with Zscaler. Credit: iStock/MF3d Gray Television has embarked on a transformative digital journey to modernize and secure its network infrastructure, and I’m excited to share our experiences and insights from this process. Our story is one of growth, challenges, and innovative solutions that have reshaped our network infrastructure and security landscape, thanks to our relationship with our trusted partner Zscaler. Navigating complexities Based in Atlanta, Georgia, Gray Television operates in 114 markets across 38 states. We aim for employees at all locations to be productive and secure, but rapid growth through M&As has led to a complex network infrastructure that got in our way. Our acquisitions left us with a fragmented network comprising several WANs and dozens of VPN solutions, making management, monitoring, and policy implementation extremely challenging. Each new acquisition added layers of complexity, and the disparate systems didn’t always play well together. By early 2021, we realized the need for a radical change to simplify our network and enhance security. Defining our goals: boosting resilience while decreasing risk Zero trust segmentation was at the core of our strategy. As part of our new security strategy, we developed a roadmap centered on network segmentation through zero trust that would address users, workloads, branches, and internet of things (IoT)/operational technology (OT) devices. Because zero trust assumes that every network interaction is potentially malicious, it would enable us to implement stringent access controls that significantly reduce the risk of data breaches. Another critical aspect of zero trust is continuous monitoring and analysis of network activity to help us gain deep insights into network traffic, identify potential threats, and help security teams respond swiftly to incidents. We set three primary goals for our digital transformation that revolved around the Zscaler Zero Trust Exchange platform: Network modernization: Transition away from legacy VPNs and reduce our reliance on traditional WANs. We needed a solution that could handle our sprawling network without the headaches that came with outdated systems. Simplification: Manage our network from a single pane of glass to streamline operations and achieve cost savings. Simplifying our network infrastructure would not only make it easier to manage but also reduce the risk of configuration errors and security breaches. Consistent security policies: Implement uniform security policies across all platforms. Consistency in security policies is crucial for reducing cyber risk, protecting our data, and ensuring compliance with industry regulations. Phase One: Improving the user experience and reducing the attack surface with Zscaler Private Access Our first step toward implementing a network segmentation strategy was deploying Zscaler Private Access (ZPA) to provide users with direct-to-application connectivity rather than bringing them into the network. ZPA was a game-changer, allowing us to eliminate our legacy VPNs, streamline our network, and reduce the attack surface. The shift to ZPA was seamless, and our remote employees could access the resources they needed to do their jobs without the cumbersome and risky connections. It also provided granular access controls, enabling us to define application and data accessibility parameters. Phase Two: Replacing costly SD-WAN with Zscaler Zero Trust SD-WAN Next, we introduced Zscaler Zero Trust SD-WAN to replace our traditional WAN network-to-network connections with zero trust user-to-workload and device-to-workload sessions. This phase is still in progress, but we’ve already seen substantial benefits. Zero Trust SD-WAN has simplified our network management and reduced costs by using standard internet connections instead of expensive private line and MPLS connections. Zscaler SD-WAN allows us to securely connect our branch offices to the internet and private applications, without the risk of lateral threat movement on the network. Additionally, by leveraging standard internet connections with Branch Connector, which enables Zero Trust SD-WAN, we cut costs dramatically without sacrificing performance or security. Moreover, the simplicity of Zero Trust SD-WAN made it easier for our IT team to monitor and control all branch connections from a single management console. This reduces the administrative overhead and makes it easier to enforce consistent security policies across the entire network. Phase Three: Future zero trust innovations and integrations Looking forward, we plan to further extend zero trust segmentation by securing devices such as IoT kiosks, computers, and servers through the Zero Trust Exchange platform. Integrating IoT devices into our zero trust network is particularly exciting. IoT devices are becoming increasingly common in our industry, and ensuring their security is a top priority. By connecting and securing these devices with the Zero Trust Exchange platform, we can apply the same rigorous security standards to them as we do to our other network components. This will help us protect against potential vulnerabilities and ensure our entire network is secure. We also plan to explore using Zscaler Zero Trust Device Segmentation, which provides zero trust segmentation in LAN environments. This will be crucial for protecting our critical infrastructure and operational technology (OT) networks from ransomware and other advanced attacks. Creating a “segment of one” for each device will allow us to control access policies at a very granular level without any changes to switches and routing infrastructure, further enhancing our critical infrastructure security posture. The agentless approach will enable us to deploy this revolutionary technology in hours versus months. Tangible outcomes and benefits I am proud of my team’s ability to execute our goals with the help of the Zscaler team. Not only did we meet our goals without a hitch, we also reaped these benefits: Cost savings: Utilizing the internet as the corporate network with Branch Connector has had a substantial financial impact, freeing up resources we can reinvest into other business areas. Reduced business risk: By implementing consistent security policies across all platforms, minimizing the attack surface, and preventing lateral movement we have improved our risk profile. We’re now more confident in our ability to protect our data and comply with regulatory requirements. Improved business agility and scalability: The cloud-based Zscaler architecture allows us to easily add new users, devices, and locations without the need for complex hardware installations or upgrades. Additionally, streamlined M&A processes have allowed us to integrate new acquisitions quickly and securely with ZPA and Zscaler SD-WAN. This flexibility has been crucial in ensuring that our network can keep up with our expanding business. Our journey with Zscaler has been nothing short of transformative. We now have a scalable, secure, and efficient network that supports our growth and operational needs. I encourage other organizations facing similar challenges to consider the Zero Trust Exchange platform. It has made a world of difference for us. As we look to the future, we are excited about the possibilities that lie ahead. The continued evolution of our network infrastructure will enable us to stay ahead of emerging threats and ensure that our employees can work securely and efficiently from anywhere. We are committed to maintaining our zero trust principles and leveraging the latest Zscaler technologies to keep our network secure. I hope our story inspires you to embark on your own path to a more secure and efficient network infrastructure. Watch Brian Morris from Gray Television’s full Zenith Live ’24 presentation. To learn more, visit Zscaler here. Related content brandpost Sponsored by Zscaler NYC Department of Education builds the pipeline for future cybersecurity professionals NYC Department of Education's innovative programs empower students through hands-on experience and partnerships in cybersecurity, paving the way for diverse career pathways and long-term success in the digital workforce. By Demond Waters, CISO, and Anthony Dixon, Director of Cybersecurity Engineering at the New York City (NYC) Department of Education (DOE) Oct 21, 2024 10 mins Security brandpost Sponsored by Zscaler Are Your Firewalls and VPNs the Weakest Link in Your Security Stack? In an era when traditional network perimeters no longer exist, it’s time to adopt the Zero Trust mantra, "never trust, always verify.” By Zscaler Oct 21, 2024 9 mins Security brandpost Sponsored by Zscaler 6 key mobile and IoT/OT attack trend findings Zscaler ThreatLabz analysis shows more than 100% growth in spyware, much of which can bypass multifactor authentication, and 45% growth in IoT attacks. By Will Seaton, Viral Gandhi, Yesenia Barajas Oct 18, 2024 6 mins Security brandpost Sponsored by Zscaler Zero Trust + AI: A match made in the clouds It’s time to unpack the true value of Zero Trust and AI in modern cybersecurity. By Zscaler Sep 27, 2024 5 mins Machine Learning Cloud Computing Security PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe