Securing Trust

Our approach

As a critical partner to more than 8,650 global organizations, we know robust business practices and strong governance are necessary to secure customer trust and confidence. We strive to operate our business with the highest levels of integrity. That includes our focus on ethical business practices and policies, risk management, and our core mission of ensuring data privacy and information security.

Growth grounded in ethical business practices

How we conduct ourselves is just as important as what we do. We are committed to operating our business in an ethical manner, as well as one that’s environmentally and socially responsible.

Our corporate policies define our principles and expectations for employees, suppliers, and third-party partners. Zscaler’s Code of Conduct describes what we stand for and guides our approach to ethical business practices. Our Code of Conduct training, which emphasizes respecting others, acting with integrity, and fostering accountability, is mandatory for Zscaler employees and contractors globally.

Our Supplier Code of Conduct outlines our expectations for suppliers to operate in an ethical and responsible manner, including by following practices to uphold labor and human rights, as well as environmental protection standards. We conduct a risk assessment of our vendors’ controls for protecting Zscaler information; we do this when they are onboarded, during our engagement with them, and when they are offboarded.

Other policies and programs that help support our ethical business practices include our privacy environmental, anti-corruption, insider trading, and whistleblower policies. We constantly seek opportunities for improvement and evaluate and address risks as they arise.

Managing risk in a rapidly changing world

We set and update policies, implement effective controls, and conduct internal audits and assessments to manage risks in critical areas of our enterprise. Risks identified through these processes are escalated to management and our Board as appropriate.

We consider and regularly review a wide range of potential risks that could affect our business operations. With operations in more than 160 data centers globally, we build in fault tolerance wherever possible, providing both intra- and inter-data center redundancy for our production cloud. We also assess the business continuity plans of our data center providers and select partners with the ability to maintain services and connectivity.

Our approach to managing risk also includes certifying our solutions to internationally recognized commercial and government standards.

Our approach to cybersecurity risk

Our rigorous risk management processes cover data privacy, product security, and information security to ensure the highest levels of confidentiality, integrity, and availability for our customers. We continuously evaluate the performance, and strengthen the security, of our products to anticipate the evolving threat landscape.

Our in-house global threat research team, Zscaler ThreatLabz, has a mission to protect our customers from advanced cyberthreats. Armed with insights from more than 500 trillion daily signals on our platform, more than 150 security experts collectively operate 24/7/365 to identify and prevent emerging threats.

Our internal security teams and external cybersecurity auditors continuously evaluate our products. Our cloud platform is monitored in real time, and we provide publicly available insights into the performance and health of our services. In addition to improving Zscaler’s products, the team shares its research with the wider industry to promote a safer internet.

Learn more about our approach to privacy here.