How Zscaler automated access, accelerated onboarding, and simplified compliance

Zscaler, the leader in cloud security, protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. As the company scaled, so did the complexity of managing access across hundreds of corporate, engineering, and compliance-driven systems. Employees needed a fast, reliable way to get the right access. IT and compliance teams needed assurance that their workflows were efficient, consistent, and audit-ready and ConductorOne (C1) delivered the solution they were looking for.

The challenge: Manual complexity slowed employees and strained teams

Prior to implementing C1, Zscaler’s identity processes were manual, fragmented, and difficult to scale. Provisioning could take weeks, access reviews required piecing together spreadsheets and screenshots, and new employees often had to figure out what they needed access to on their own. Zscaler recognized an opportunity to streamline and automate identity governance to better support productivity, security, and compliance. 

Without a single system, employees had to navigate a maze of ServiceNow tickets, Cheetah requests, and manual approvals. New hires weren’t automatically mapped to entitlements based on their role, so provisioning required multiple tickets and back-and-forth approvals. Security prerequisites, like mandatory training or YubiKey registration, added further steps. For some employees, the entire process could take weeks.

For compliance teams, reviews and audits were also fragmented. Each application had its own reports, which had to be reformatted and compiled into spreadsheets and screenshots. SOX reviewers needed to check privileged access. Engineering reviewers needed to validate not just access, but whether training had been completed. Manual processes consumed hours of work and left room for error. 

Meanwhile, the IT help desk was managing a growing volume of access-related tickets. With no centralized process, they fielded requests across multiple tools, creating bottlenecks and adding pressure to keep up. 

“The biggest challenge was that it was highly manual. A person joining needed to figure out what access they would need. It wasn’t tied to their role. Getting through security training or hardware steps could sometimes take weeks.” — Dheeraj Malik, Director of Corporate Applications, Zscaler 

The solution: A security-first approach to identity with ConductorOne 

To solve this, Zscaler needed a solution that could unify access, automate workflows, and still meet its high security standards. ConductorOne stood out immediately for their security-first approach to identity and ability to solve all of their access challenges. 

“One of the key differentiators we found with ConductorOne was their security-first approach to solving access.”

Dheeraj Malik

Director of Corporate Applications

“One of the key differentiators we found with C1 was their security-first approach to solving access.” — Dheeraj Malik, Director of Corporate Applications, Zscaler  

The platform provided a single gateway for access requests, integrated with hundreds of applications, and aligned access to job function and team. Security prerequisites like training and YubiKey registration were enforced automatically through workflows instead of manual checks.

“We chose C1 because from the get-go we were very clear about what we were looking for. We had about 10 specific use cases, and our immediate goal was to have our engineers productive within 36 hours of them joining. C1 was able to achieve those outcomes in a short span of time, and that set them apart.” — Dheeraj Malik, Director of Corporate Applications, Zscaler 

Faster onboarding and immediate productivity 

One of the most visible improvements came in onboarding. Previously, new hires filed tickets, waited for approvals, and often sat idle until training or hardware steps were completed. With ConductorOne, role-based access control (RBAC) is entirely automated, and Okta incremental sync ensures new profiles are provisioned in minutes. Provisioning that once took days or weeks now happens in minutes on fully connected applications.

“The day a new hire joins, the RBAC rules kick in and they get all the access they need within 10 minutes.” — Dheeraj Malik, Director of Corporate Applications, Zscaler  

In line with their security-first culture, Zscaler requires engineers to complete mandatory security training prior to accessing source code or any other production systems. ConductorOne automated the entire process, reducing engineer provisioning time by 156 hours, allowing them to begin contributing immediately.

“With a ConductorOne workflow, approvals, training assignments, and provisioning were automated. New hires got access within minutes after they joined.” — Rashmi Bilgundi, Director of Identity and Access Management, Zscaler

Compliance made simpler and more accurate 

User access reviews also underwent total transformation with C1. Previously, reviews were manual and inconsistent, with app owners compiling spreadsheets and screenshots for auditors. With ConductorOne, campaigns are standardized and can be launched in minutes. 

“Before ConductorOne, app owners were burdened with pulling together different lists in a place where it’s acceptable by the audit team. And a lot of hours and days were spent in just putting this together. ConductorOne streamlined our user access reviews in a fashion where everything is in one place. You just set up the campaign and get it going within minutes.” — Rashmi Bilgundi, Director of Identity and Access Management, Zscaler  

By focusing on exceptions rather than revalidating every user, Zscaler reduced review volume by 35%. Reviewers now spend less time, with greater confidence in the accuracy of the data. Auditors can see real-time evidence of who requested, who approved, and whether training was completed.

“With the reduction in time and the automation enabled by insights from C1’s campaigns, we were able to articulate entitlements in clear, business-native language. That helped reviewers not only complete reviews faster, but also trust what they were seeing and determine whether access made sense for each employee. As a result, our user access reviews are faster, more confident, and aligned with compliance requirements.” — Rashmi Bilgundi, Director of Identity and Access Management, Zscaler 

Reduced IT burden and smoother user experience

The IT help desk also benefited from C1’s workflows. With about 250 apps integrated into ConductorOne, access provisioning tickets dropped by 60%. Employees gained a central, intuitive experience by requesting access directly in Slack, and managers can approve without leaving the app. 

“Help desk tickets used to be a burden, especially access requests. With C1, our help desk provisioning tickets have reduced by 60%.”

Rashmi Bilgundi

Director of Identity and Access Management

“Help desk tickets used to be a burden, especially access requests. With C1, our help desk provisioning tickets have reduced by 60%.” — Rashmi Bilgundi, Director of Identity and Access Management, Zscaler 

End users appreciated the simplicity too. The catalog shows what access they already have, which reduces duplicate requests and gives them clarity on their entitlements.

Partnership and scale 

Rolling out ConductorOne required thoughtful preparation: defining RBAC roles, entitlements, and revocation policies. Zscaler prioritized sustainable implementation, expanding steadily over 12 months to integrate more than 250 applications.

C1’s team worked closely throughout the rollout, providing guidance and support that felt like an extension of Zscaler’s own staff. 

“It sometimes doesn’t even feel like working with a vendor. C1 has been so integrated with our team that it feels like an extension of Zscaler.” — Dheeraj Malik , Director of Corporate Applications, Zscaler

“It sometimes doesn’t even feel like working with a vendor. ConductorOne has been so integrated with our team that it feels like an extension of Zscaler.”

Dheeraj Malik

Director of Corporate Applications