Messer Gases is a German industrial gas manufacturer producing industrial, medical and specialty gases for various sectors. Its focus on security extends to its IT department, which utilizes the Zscaler platform to align the access of third-party collaborators with the Zero Trust Network Access (ZTNA) concept. Each access is evaluated based on the zero-trust principle. The security solution, designed and implemented by Delfia curators, ensures frictionless control for both users and IT, resulting in zero Service Desk calls related to access incidents.
Delfia, an IT consultant, has announced the results achieved by Messer Gases Brasil with the Zscaler Zero Trust Network Access security solution.
Given the complex processes involved in manufacturing gases for sectors such as healthcare, metallurgy, food/beverage, welding, cutting, chemistry and engineering, security is inherent in Messer Gases’ DNA. One of the organization’s pillars is the respect for personal data of customers, suppliers and employees, as demonstrated by their continuous compliance with LGPD.
To enhance the organization’s security value, Messer’s IT and cybersecurity professionals initially sought to intensify controls for remote or on-site access by employees, including professionals from various regions of Brazil and abroad.
“Security is a fundamental value for us, and despite these accesses being managed through VPNs, we wanted to elevate the security posture of both users and their devices. The goal was to gain granular control over every log, access and machine configuration. With the help of Delfia, we identified that the ZTNA concept would help us address these demands,” said Lucas Ferrão, Infrastructure Analyst at Messer Gases Brasil.
On this journey, Messer combined Delfia’s curation, POC, project and implementation services with the Zscaler solution. The result is a frictionless and secure user experience.
Ferrão said: “The number of calls made to our Service Desk due to access incidents has dropped to zero. It’s a reality where security happens without causing complications, making everyone’s work easier.”
This process was also smooth for the security and IT team, as Zscaler became part of the company’s operations in just two weeks.
For Rodrigo Bocchi, CEO of Delfia, Messer Gases is an example of a successful implementation of the ZTNA concept.
“We know that some organizations struggle to make this leap, which requires a new mindset from everyone involved. In a straightforward way, the Delfia/Zscaler solution at Messer brought together the best of several worlds: Messer Gases’ digital culture maturity, Delfia’s rigor and methodology, and finally, the agility of the Zscaler platform. Complexity is the enemy of security.”
The pursuit of security excellence at Messer Gases Brasil will lead the company to use Zscaler on the smartphones of industrial plant maintenance teams and distribution centers in the future.
Zero Trust, Minimum Privilege
The Zero Trust model assumes that the breach has already occurred – this is a fundamental part of the zero-trust mentality. ZTNA solutions are based on the concept of minimum privilege: never trust, always verify.
The goal is to offer minimal access to resources and users, regardless of whether the professional is inside or outside Messer Gases’ perimeter – be it an industrial plant, a branch, a distribution center, or the national headquarters in Alphaville.
Regardless of their location, users are challenged by various automatic authentication and context-checking functions to prove they have the necessary credentials. The ZTNA model defaults to not trusting any user or device. This approach enhances the organization’s security posture by detecting inconsistencies, threats and blocking unauthorized access.
When deciding to replace some of Messer Gases’ VPNs with VPNs embedded within the ZTNA concept, Ferrão also determined that the solution should be cloud-based, lightweight and have minimal demands on the company’s network infrastructure. They sought to procure the solution as a service. It was also necessary to check the performance and usability of the ZTNA platform within a framework with multiple user profiles and access devices.
Ferrão adds: “The granularity of the platform was critical for us – we wanted a solution that would easily help us define, for example, that user X could have access to resource A but not to B and C.”
User and Access Device Profile Inventory
To support the solution selection process, POCs were conducted with some market vendors. At the end of the day, the choice was made in favor of the Delfia/Zscaler solution. To avoid overloading Messer Gases’ digital environment, the POC was conducted in the cloud, in the Delfia Zscaler NFR (Not for Resale) environment.
“In this test, conducted with the support of Delfia curators, we even simulated the interaction of some employees with the platform. Users liked the solution. For IT, it was also important to verify the solution’s alignment with Azure AD,” Ferrão said.
The solution has been in operation at Messer Gases since 2022, and the IT and security teams have already evaluated the delivered results. There is now a dynamic and varied inventory of user profiles, including details of device configurations and patch updates used by employees. It has also become easier to have granular control over how much each user consumes in terms of information volume.