Automating Data Collection with Zilla Universal Sync

by Mike "Bin" Li | Sep 24, 2024

One of the biggest challenges customers have with their IGA processes is the inability to accurately and completely integrate all applications and systems for a holistic view into the account, permission, and entitlement estate. At Zilla Security, we’re committed to making this integration easy and comprehensive for our customers to leverage for User Access reviews and proactive monitoring.

While our product offers hundreds of native API connectors for commonly used SaaS applications, we are particularly proud of our Zilla Universal Sync™ (ZUS) technology. This innovative solution is designed to bridge the gap with legacy products, databases, and other applications that lack user management API endpoints. ZUS gives Zilla customers the ability to do something that no other tool can: integrate with virtually any system they may use.

What is Zilla Universal Sync?

Zilla Universal Sync (ZUS) is a custom-built tool that enables Zilla administrators to sync data from apps that do not have public API functionality around user management. ZUS is available as a browser plugin and it quickly and simply maps HTML interfaces into Zilla for centralized monitoring and access validation. This ease of use and flexibility make ZUS a powerful tool for managing permissions across a wide range of applications, both in the cloud and on-premises.

Intuitive ‘Recipe’ Creation with ZUS

One of the standout features of ZUS is its intuitive data mapping capability. The tool is designed to be user-friendly, allowing administrators to create ‘recipes’ that map data from the HTML interfaces of apps into Zilla. This process is straightforward, requiring no advanced technical skills. With ZUS, administrators can quickly and easily define how data should be extracted from applications like 1Password and synced into Zilla.

This simplicity is crucial for organizations with decentralized application control, which describes an increasing number of businesses in today’s dispersed enterprise. Without ZUS, there is no easy way to gain central visibility into all enterprise apps for the purposes of conducting user access reviews or performing essential security audits. Often, teams will require assistance from IT or DevOps to write complex scripts or spend hours configuring the system. Not the case with ZUS! The tool’s user-friendly interface makes it accessible to a wide range of users, from seasoned IT professionals to those who may not have a deep technical background.

Flexible Deployment Strategy for Cloud and On-Premises Environments

ZUS is designed to help customers meet diverse and stringent security and regulatory compliance requirements without sacrificing flexibility or usability. Teams must navigate a complex landscape of regulatory standards, including data protection laws, industry-specific compliance mandates, and internal security policies. These challenges are magnified in environments where both cloud and on-premises systems coexist, each with distinct security and operational needs. ZUS is built with this reality in mind, offering a flexible deployment model that can be adapted to any infrastructure setup. Whether dealing with the demands of financial services, healthcare, or other highly regulated industries, ZUS ensures that organizations can confidently meet their operational requirements without compromising on security or compliance, regardless of their deployment model.

Collect User Access Data from the Cloud

For cloud-based environments like AWS, ZUS can be effortlessly deployed using a CloudFormation template. This approach enables organizations to quickly launch a ZUS-in-the-cloud (ZINC) EC2 instance within their existing VPC, facilitating automated data synchronization from applications on a scheduled basis. ZINC leverages AWS Secrets Manager to securely store the credentials for authorized users or service accounts, ensuring secure and controlled access to the necessary applications. Importantly, all deployment and data handling occur entirely within the customer’s cloud infrastructure, maintaining the highest levels of security and ensuring sensitive credentials are managed with utmost care.

Collect User Access Data from On-Premises Systems

For organizations that maintain on-premises environments, Zilla offers a seamless deployment on Linux servers, such as Ubuntu, utilizing the same robust framework that powers our cloud solutions. The deployment process is straightforward, leveraging Docker to integrate into your existing infrastructure with minimal disruption. We refer to this on-premises deployment as a “PO Box”, which is designed to provide comprehensive support for all types of legacy databases and systems. Once deployed, PO Box automates the collection of user management data from on-premises applications, ensuring that even the most complex and outdated systems are fully integrated into Zilla’s security platform. This approach enables organizations to maintain control over their on-premises assets while benefiting from the same level of automation and security that Zilla offers in cloud environments.

Security is a top priority for Zilla’s customers, especially those in industries with restricted network access where integrating SaaS applications can be particularly challenging. PO Box is designed with these stringent security needs in mind, ensuring that all data transfers are conducted securely from the source application to the Zilla backend. By deploying PO Box within the customer’s network, we ensure that credentials to access the on-premises systems and sensitive information never leave their controlled environment.

Our one-way data transfer model further minimizes the risk of unauthorized access or data breaches by ensuring that data flows exclusively from the Docker container to the Zilla backend. This approach reduces the attack surface and guarantees that sensitive PII remains protected behind customer firewalls. Whether deployed in the cloud or on-premises, ZUS offers a secure and reliable way to automate the collection of user access data, giving organizations the confidence that their data is protected and never exposed outside their network.

The Importance of Secure Authentication

When automating app permissions collection, it’s not just about collecting data—it’s about doing so securely. Zilla supports multiple authorization methods, including Basic Auth, SAML apps, OAuth2, and more. This flexibility allows the application to work directly with customers’ SSO Identity Providers (IDPs) to perform authentication, making the deployment process flexible with customers’ existing setups without sacrificing security.

ZUS also supports Multi-Factor Authentication (MFA) via OTP apps or SMS text. This is especially important when dealing with sensitive applications, like 1Password, where unauthorized access could have severe consequences.

Furthermore, because both ZUS-in-the-cloud and PO Box deployments integrate with SSO IDPs, administrators can centrally manage and govern access.

Use ZUS for Comprehensive App Integration for User Access Reviews

Zilla understands the importance of comprehensive app integration while still accounting for security and usability. Zilla Universal Sync was created to solve for this specific use case, enabling organizations to perform tasks like user access reviews across a broad, diverse, and decentralized application landscape. By enabling integration with legacy systems, databases, and applications without public API endpoints, ZUS ensures comprehensive coverage across the hybrid enterprise. And, with Zilla’s intuitive interface, flexible deployment options, and secure environment, ZUS provides customers with a reliable solution that checks all the boxes for a modern, automated, and comprehensive identity governance strategy.

Author

  • Mike "Bin" Li

    Mike Bin Li, who goes by “Bin”, manages Customer Success and Deployment at Zilla Security. He collaborates with enterprise customers to create frictionless experiences when deploying the Zilla product suite by leveraging their existing infrastructure to architect optimal solutions. He is passionate about helping customers by understanding their unique needs and translating them into tailored product roadmaps that align with their business goals. Prior to Zilla, Bin worked for healthcare IT organizations where he led technical services teams, developing integrations to migrate on-premises solutions to the cloud.
