challenges

Securing employees, safeguarding customer information, and maintaining data protection compliance

results

Deployed a proxy-based architecture with TLS/SSL inspection

Gains the ability to stream logs from users and locations into their SIEM

Sees savings by eliminating hardware and associated capex/opex costs

Reduces risk of on-site equipment failure

The Arc Mid-Hudson snapshot

The Arc Mid-Hudson is a private not-for-profit agency out of Kingston, NY. Supporting 1,800 people from preschool through adulthood, their mission is “To empower people with intellectual and other developmental disabilities to achieve and experience the highest quality of life.”

Industry:

Nonprofit Institutions

HQ:

Kingston, NY

Size:

Supports 1,800 people over 50 remote sites

Kenneth Dales

Kenneth Dales

CIO, The Arc Mid-Hudson
The Zscaler Zero Trust platform helps ensure that the systems used by our employees work as smoothly, efficiently, and securely as possible without getting in the way of providing the highest level of care for our clientele.

Customer Case Study

Zscaler’s Longest-Standing Customer, The Arc Mid-Hudson, Advances Security Capabilities for Mobile Healthcare Workers and Patient Data

After 15 Years with Zscaler, The Arc Mid-Hudson Continues to Rely on Zscaler to Secure its Workforce and Enable Data Protection for Healthcare Information

Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today announced that its first and long-standing customer of more than 15 years, The Arc Mid-Hudson, is leveraging the power of the Zscaler Zero Trust Exchange™ security platform to support its transition from a site-based human services provider to a remote and highly mobile service model. To support this significant shift, the Zscaler Zero Trust Exchange plays a critical role in securing The Arc Mid-Hudson’s employees, safeguarding customer information, and maintaining data protection compliance with stringent healthcare privacy regulations.

A Zscaler customer since 2007, The Arc Mid-Hudson is a not-for-profit human services organization in New York State dedicated to supporting more than 1,300 individuals with intellectual and developmental disabilities. The Arc Mid-Hudson has over 50 remote sites and approximately 1,800 employees primarily involved in client care services. Employees who work onsite at residential facilities or engage with clients out in the community require secure, reliable access to resources from both company-owned and personal devices.

The Arc Mid-Hudson sees immediate utility from zero trust

“The Zscaler Zero Trust platform helps ensure that the systems used by our employees work as smoothly, efficiently, and securely as possible without getting in the way of providing the highest level of care for our clientele,” said Kenneth Dales, CIO at The Arc Mid-Hudson. “We've relied on Zscaler’s cloud native platform to accelerate our secure digital transformation initiatives and implement new security capabilities rapidly. And, for the most part, I'd say we've been moving at a rapid pace in that regard.”

Zscaler’s platform was implemented as part of a multi-agency collaborative; the merger of two of these organizations formed what is now known as The Arc Mid-Hudson. Today, the organization is using Zscaler Internet Access for fast and secure internet and SaaS access for its diverse, hybrid workforce. Zscaler provides scalable, high-performance, and consistent protection for employees, no matter where they are or what device they are using.

The Arc Mid-Hudson is diligent about maintaining data integrity to comply with the Health Insurance Portability and Accountability Act (HIPAA) and the New York SHIELD Act, which has similar provisions. Healthcare compliance regulations require healthcare organizations to follow a strict set of rules for data sharing and disclosure of protected health information (PHI). If security breaches do occur, penalties can be severe. While cloud technologies are helping healthcare providers like The Arc Mid-Hudson improve their standard of care and provide better information, client data now travels over internet connections, potentially exposing it to breaches and attacks.

Quote

We've relied on Zscaler’s cloud native platform to accelerate our secure digital transformation initiatives.

Kenneth Dales, CIO, The Arc Mid-Hudson

Remaining compliant in an age of tough standards

In an effort to keep up with compliance standards, The Arc Mid-Hudson deployed Zscaler’s proxy-based architecture with Secure Sockets Layer (SSL) inspection to monitor traffic to and from the organization for hidden malicious code, data exfiltration and other misuses of SSL encryption. The solution accomplishes this without performance degradation or increasing latency. The organization also added Zscaler’s Nanolog Streaming Service (NSS) capabilities to stream logs from users and locations into The Arc Mid-Hudson’s security information event management (SIEM) software for deeper analysis, compliance assurance in the area of log archiving, and comprehensive reporting. Implementation of SSL and NSS capabilities are part of a larger data protection and integrity initiative at The Arc Mid-Hudson.

The Arc Mid-Hudson has seen many positive outcomes from its Zscaler deployment for both IT and customer service teams, including substantial savings by eliminating hardware and associated CapEx / OpEx costs, fewer risks from onsite equipment failure, and the ability to rapidly respond to security issues or necessary configuration changes.

“When we first introduced Zscaler’s foundational secure web gateway technology, we recognized the increased growth in employee mobility and their desire to access work-related applications that were already starting to migrate to the cloud,” said Srikanth Devarajan, VP & GM, Zero Trust for Workloads - and founding engineer, Zscaler.

Quote

(With Zscaler), we recognized the increased growth in employee mobility and their desire to access work-related applications.

Kenneth Dales, CIO, The Arc Mid-Hudson

Future-readiness for a good cause

“This new and rapidly emerging workstyle, hinged on mobility and the cloud, drove our vision to completely rearchitect security and disrupt the decades-old model of hub-and-spoke networks secured with ineffective firewalls and VPNs,” said Narinder Paul, VP & GM, Data Protection and founding engineer, Zscaler. “It is extremely rewarding to redefine network security by introducing the world’s largest in-line security cloud platform that uses policy enforcement to connect users directly to applications and resources—never the corporate network—has now become a reality and is currently protecting thousands of enterprises globally.”

Quote

It is extremely rewarding to redefine network security by introducing the world’s largest in-line security cloud platform.

Kenneth Dales, CIO, The Arc Mid-Hudson

More from this customer

Seeing improved security for 50 remote sites
Read the Press Release