New Regions and Enhanced Local Control Plane Allow Enterprises to Navigate Complex Global Regulations Without Sacrificing Speed, Security or Uptime
SAN JOSE, Calif., March 12, 2026 (GLOBE NEWSWIRE) — Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today announced a significant expansion of its data sovereignty capabilities globally, powered by the Zscaler Zero Trust Exchange™ cloud security platform. As organizations increasingly demand the ability to independently manage digital assets while complying with local laws, Zscaler continues to invest in providing an industry-leading solution that eliminates the trade-off between global performance and strict local compliance.
For global enterprises, the conflict between protecting data and enabling cross-border collaboration is a major compliance and business challenge to growth. Zscaler already operates 160+ data centers and is present in most countries. Its architecture is based on fully isolated control, data, and logging planes—distinct layers and separation for management, traffic inspection, and record-keeping to ensure sensitive data never leaves its required jurisdiction enabling customers to maintain complete authority over their data. Running a control plane in a country is more complex than just data and logging planes. Zscaler addressed this early on and built a dedicated US & European control plane along with a dedicated logging plane in six different countries. We are now actively extending this functionality to several new regions, with a forthcoming deployment in Canada.
Achieving True Digital Sovereignty: Local Authority, Global Scale
Zscaler resolves the critical conflict between local data protection and global collaboration through a truly decentralized architecture that offers a distinct advantage over alternatives that still rely on shared, global control planes. To further deepen this local authority, Zscaler has introduced:
- In-Region SSL Inspection & Malware Analysis: Decrypts and inspects encrypted traffic locally to stop hidden threats, ensuring that sensitive data and files never leave the jurisdiction for analysis.
- Certified On-Premises Flexibility: Options for customers to leverage Private Service Edges (single-tenant, customer-hosted, and Zscaler-managed appliances) to meet specific hardware certification requirements.
- Region-Specific Support: Dedicated technical teams to help CIOs interpret national regulations and configure services appropriately.
Customer-Controlled Security and Compliance
To support the enterprises’ and organizations’ mandates for audit-ready security, Zscaler’s commitment to digital sovereignty is backed by rigorous third-party validation. Independent assessments verify that the platform encrypts and decrypts traffic without writing data to disk, ensuring absolute confidentiality when it comes to sensitive data handling. Key compliance capabilities include:
- Total Data Ownership: Full control over encryption keys via integration with hardware security modules (HSMs), ensuring only authorized parties can decrypt traffic.
- Unified Compliance Acceleration: Leverages a “Collect Once, Certify All” framework that maps a single set of security controls to overlapping regulatory requirements, significantly speeding up validation for GDPR, NIS2, and DoD IL5.
- Flexible Logging: Options for regional or on-premises log storage to support strict regional compliance and customer policies.
Turning Resilience into Business Continuity
Unlike providers whose core security services are reliant on third-party infrastructure, Zscaler owns and operates its own cloud, ensuring that an outage at any single data center does not impact overall service availability. This architecture allows major financial institutions to conduct firedrills and real world exercises, validating that the platform cannot become a single point of failure.
“The true measure of a security cloud isn’t just global performance, but its ability to adapt to local realities,” said Misha Kuperman, Chief Reliability Officer at Zscaler. “Effective data sovereignty requires customers to have verified authority over their data residency, telemetry and control data plane data. By separating control, data, and logging planes with a decentralized architecture, Zscaler enables customers to align with strict local sovereignty requirements while maintaining the resilience and availability needed for global business continuity.”
For more information, please read our blog, Digital Sovereignty That Works in Practice: Local Control, Global Resilience.
About Zscaler
Zscaler (NASDAQ: ZS) is a pioneer and global leader in zero trust security. The world’s largest businesses, critical infrastructure organizations, and government agencies rely on Zscaler to secure users, branches, applications, data & devices, and to accelerate digital transformation initiatives. Distributed across 160+ data centers globally, the Zscaler Zero Trust Exchange™ platform combined with advanced AI combats billions of cyber threats and policy violations every day and unlocks productivity gains for modern enterprises by reducing costs and complexity.
Forward-Looking Statements
This press release contains forward-looking statements that are based on our management’s beliefs and assumptions and on information currently available to our management. These forward-looking statements include the expected benefits of our data sovereignty capabilities and the solutions and protections offered to our customers. These forward-looking statements are subject to the safe harbor provisions created by the Private Securities Litigation Reform Act of 1995. A significant number of factors could cause actual results to differ materially from statements made in this press release, including those factors related to our ability to successfully integrate new features of our product offerings into our AI Security portfolio and the business impact additional offerings may have for our customers.
Additional risks and uncertainties are set forth in our most recent Quarterly Report on Form 10-Q filed with the Securities and Exchange Commission (“SEC”) on February 26, 2026, which is available on our website at ir.zscaler.com and on the SEC’s website at www.sec.gov. Any forward-looking statements in this release are based on the limited information currently available to Zscaler as of the date hereof, which is subject to change, and Zscaler will not necessarily update the information, even if new information becomes available in the future.
Media Contact
Taylor Dunton, Sr. Director of Global Public Relations, [email protected]
