It’s one thing to acquire a company; it’s another to complete integrations rapidly enough to make your newly acquired employees productive. That’s why we’re using zero trust for M&A here at Sanmina, where we provide integrated Industry 4.0 manufacturing solutions to serve the global Electronics Manufacturing Services (EMS) market.
As a market leader growing organically and by acquisition, our Zscaler Zero Trust Exchange platform deployment has become an integral part of our overall M&A strategy for quickly achieving synergies. In fact, the platform has helped us ensure productivity on day one during four recent acquisitions in the U.S., Eastern Europe, and Latin America.
For this blog, we’d like to share a few of the key steps we recommend, drawn from the lessons we’ve learned over the course of those acquisition experiences.
Step 1 – Replace VPN with ZPA for rapid user onboarding
Like many companies, prior to adopting Zscaler we used VPNs to grant employees remote access, along with firewalls and other technologies for those working on site. When we acquired a company, we’d bring in every employee’s laptop for reimaging, to ensure application and security compliance, before we could connect them by VPN or permit them to access our network when on site. Completing the reimaging process requires weeks, months, or longer, depending upon the acquired company’s size.
Instead, we developed a plan to use Zscaler Private Access (ZPA). With ZPA, we grant acquired employees immediate access to our internal applications while they wait in the laptop reimaging queue. This enables people to begin contributing to our company immediately, without connecting them to our network, which benefits our bottom line. We also reduce enterprise risk to nearly zero: because acquired devices are never connected to our network, ZPA prevents an existing infection from coming along with the acquisition.
Step 2 – Obtain an application and user inventory
Although obtaining a list of employees and the applications they’ll require sounds simple, this can take the acquired company longer to produce than you might expect. Many times, employees can quickly identify the applications they use often, but don’t always remember to include other critical solutions they access less frequently.
As inventories are key to success, start the generation process early to net the most complete data by the time you’re ready to move forward with other tasks. In addition, develop an efficient system for new employees to request access beyond the inventory you’re provided. This reduces frustrations around resolving any mismatches or changes in job needs.
Step 3 – Configure an onboarding policy group in ZPA
The first time we used ZPA as an M&A enabler, a security engineer developed the appropriate least-privilege access specifications for each of our applications. Once the specs were established, plugging them into ZPA and configuring an onboarding policy group took minutes.
With the policy group created, we dropped the inventory of acquired employees and applications into the group. Then, at the start of business on the appointed day, the acquired employees downloaded Client Connector onto their devices and they were up and running within an hour.
Step 4 – Stay the course for acquired company access
Because our existing employees also require access to acquired company applications, such as ERP systems, we developed a similar process to address this scenario. It includes obtaining an inventory of your existing employees and the privileges they need, and deploying App Connector for the necessary applications at the acquired firm.
In our experience, using ZPA to access acquired company applications saves the weeks of approval and technology processes otherwise needed for the acquired company to provide us with traditional VPN access. What’s more, using VPNs opened us up to greater risk, as we had no control over the security environment on their side. Using our zero trust platform eliminates that risk.
Step 5 – Get visibility into your app security posture
Moving forward, we’re excited about the ability to boost the security posture of our applications, whether existing or acquired, using ZPA AppProtection for its inspection capabilities. By checking for potentially malicious activity embedded within encrypted traffic destined for those applications, ZPA AppProtection can help us further reduce the risk of compromise and disruption to our business.
In other words, Zscaler is a lot like airport security: before you’re allowed to board a plane, they check your passport, they check your visa, and they inspect your bags for suspicious contents.
Step 6 – Hand the process off to your admins
Now that we’ve established the process for onboarding M&A employees, ongoing execution is like anything else with Zscaler – it’s so straightforward that we no longer need to dedicate any significant engineering resources to it. Today, the heavy lifting is just another job that our Zero Trust Exchange platform handles, with only a minimal amount of time required for our systems administrators to manage.
Accelerating M&As increases competitive advantage
Overall, leveraging Zscaler for onboarding acquired employees is now integral to our M&A strategy. By gaining synergies faster, we’re able to accelerate acquisition completion. This, in turn, provides our enterprise with the agility to take competitive advantage of new M&A opportunities as they arise.
To learn more, I invite you to read the accompanying case study about our zero trust adoption and how our partnership with Zscaler will help take us into the future.