Updated: Feb 17, 2026
When the IT head at a mid-sized automotive components manufacturer in Pune logged in that Tuesday morning, 47 engineers had already connected to the production database from coffee shops, home offices, and shared workspaces across three cities. The VPN showed green. The firewall logs looked clean. The breach had started six hours earlier.
The compromised credentials belonged to a contract designer working from a co-working space in Gurugram. The attacker needed 14 minutes to move laterally from design files to inventory systems. By the time the security team caught it, 18 months of proprietary die-casting specifications had left the network.
The investigation report said what everyone already knew: the perimeter had dissolved, but the security model assumed it still existed.
Remote work redrew the threat map without asking permission. For Indian manufacturers and IT services firms managing distributed teams across tier-two cities and metro satellites, the old castle-and-moat approach is not just weak. It is structurally obsolete.
The solution is Zero Trust Network Access (ZTNA), a security framework that replaces VPN-based remote access with continuous verification and application-level control. For manufacturers and IT services firms across India, ZTNA delivered through Cisco's Security Service Edge (SSE) platform eliminates lateral movement while maintaining user productivity.
The VPN gives your remote workforce a tunnel to the corporate network. What it cannot do is verify who sits at the other end of that tunnel at 11 pm. It cannot distinguish between your senior architect in Kochi and the credentials broker in Minsk who bought her password from an info-stealer log three weeks ago.
Traditional network security operates on a binary assumption: inside equals trusted, outside equals hostile. This worked when "inside" meant a building you could lock. It fails when your operations manager connects from a resort in Goa, your accounts team works from Indore, and your procurement head logs in from a client site in Nashik.
VPNs were not designed for the attack surface of 2025. They grant broad network access based on location, not identity. Once through the gate, lateral movement is easy. An entry point becomes a foothold, becomes a full compromise.
Remote work has triggered data breaches in 63 per cent of businesses, with phishing campaigns increasing in both volume and precision. The manufacturing sector saw 30.14 per cent of ransomware incidents in India in 2024, driven largely by the expansion of remote access points and inadequate segmentation.
The regulatory environment has also shifted. The Digital Personal Data Protection Act carries penalties that scale with breach severity. Demonstrating due diligence requires more than firewall logs and antivirus receipts. It requires proof that you verified every access request, every session, every time.
For organisations still running legacy VPN infrastructure, the cost of breach response, regulatory penalties, and reputational damage far exceeds the investment in modern Zero Trust Network Access solutions. Enterprises report 72 per cent reduction in security incidents within the first year of ZTNA deployment.
Zero Trust Network Access solution discards the perimeter as a security boundary. It treats every access attempt as potentially hostile, regardless of origin. Authentication happens continuously. Access is granted at the application level, not the network level. Users see only what they need to do their job. Nothing more.
ZTNA represents a fundamental shift from VPN replacement to identity-based access control. Where VPNs provide network-level access, ZTNA enforces application-level segmentation with continuous trust evaluation.
The framework rests on three principles:
This is not a theoretical security architecture. It is how you prevent the next Pune incident from becoming your Pune incident.
Cisco Secure Access is a cloud-delivered Security Service Edge (SSE) platform that consolidates Zero Trust Network Access (ZTNA), Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), and Firewall-as-a-Service (FWaaS) into one control plane. It sits between your users and the resources they access, enforcing policy before the connection is made.
The platform combines zero-trust network access, secure web gateway, cloud access security brokers, DNS-layer security, data loss prevention (DLP), and remote browser isolation (RBI) in one license and management console.
The deployment model eliminates hardware bottlenecks. Your workforce connects to the nearest cloud point of presence, which enforces policy and routes traffic. No appliances to rack, no concentrators to scale, no backhauling through headquarters.
For organisations operating across Mumbai, Bengaluru, Delhi NCR, Chennai, Pune, and Hyderabad, this architecture delivers consistent policy enforcement with local latency. Manufacturing sites in industrial clusters like Gurgaon, Hosur, and Rajkot benefit from the same security posture as headquarters.
Identity becomes the control plane. Access decisions are made based on who you are, what device you are using, where you are connecting from, and what you are trying to reach. The platform integrates with existing identity providers: Azure AD, Okta, Ping, and Google Workspace. Multi-factor authentication is mandatory, not negotiable.
Device posture is continuously assessed. Is the operating system patched? Is endpoint protection running? Is the device managed or unmanaged? Policy enforcement adapts to device health. A compliant, corporate-managed laptop gets different access than a personal tablet connecting from a shared network.
Application access is granular. Users authenticate to specific applications, not the network. A procurement officer accessing the ERP system does not gain visibility into HR databases or R&D repositories. Segmentation is enforced dynamically based on role, context, and risk.
Threat intelligence from Cisco Talos feeds real-time protection. Malicious domains, command-and-control infrastructure, and phishing sites are blocked before the DNS request completes. The platform sees what is happening across 600 billion daily requests globally. Your environment benefits from that visibility.
Data loss prevention operates inline. Sensitive files moving to unauthorised cloud storage or personal email accounts are detected and blocked. Policy can be tailored to regulatory requirements: export-controlled technical drawings, customer financial data, and personally identifiable information under DPDP.
For organisations subject to RBI Cyber Security Framework for BFSI or ISO 27001 requirements, Cisco SSE provides audit-ready compliance reporting and policy enforcement aligned with regulatory mandates.
A surgical instruments manufacturer in Coimbatore operates three production units and employs 340 people. Half the engineering team works remotely. Quality inspectors access the production management system from factory floors. The procurement team connects from supplier sites across Tamil Nadu and Karnataka.
Under the old model, everyone logged into the VPN. Once authenticated, they had a line of sight to the entire internal network. Segmentation existed in theory but was rarely enforced. Access sprawl accumulated over time. Offboarding was inconsistent. Former employees sometimes retained credentials for weeks.
The migration to Cisco Secure Access began with identity consolidation. All users were mapped to Azure AD. Multi-factor authentication became mandatory for every session. Device compliance policies were defined: operating system version, antivirus status, and encryption requirements.
Application access was segmented. Production engineers could reach the manufacturing execution system, but not payroll. Quality inspectors saw test result databases but not procurement contracts. Procurement staff accessed vendor portals and ERP, but not design specifications.
Policy enforcement moved to the cloud edge. When a user authenticated, the system verified identity, checked device compliance, assessed location and time, and granted access only to permitted applications. Each session was logged. Anomalies triggered alerts. Attempts to access unauthorised resources were blocked and flagged.
Within 90 days, the attack surface had contracted. Within six months, lateral movement was architecturally impossible. When a phishing attempt compromised one set of credentials, the attacker found themselves in a dead end: authenticated to a single low-risk application with no visibility into the wider network.
Is your remote access architecture built for distributed operations? Schedule a Zero Trust readiness assessment with Proactive Data Systems to identify gaps and map your migration path.
Security architecture is not a product you buy. It is a capability you build over time with a partner who understands how these systems behave under operational stress.
Proactive Data Systems holds Cisco Preferred Security Partner status in India under the Cisco 360 Partner Program. This is not a sales tier. It is portfolio-specific validation of delivery capability: design, deployment, operations, and lifecycle management. The designation reflects validated expertise across core security domains and an ability to deliver outcomes at scale.
Many partners can sell Cisco licences. Fewer can design a Zero Trust architecture that integrates with your existing identity stack, respects your operational constraints, and scales across distributed locations without creating new failure points.
Proactive's approach begins with architecture, not procurement. What are your critical applications? Who needs access? From where? Under what conditions? What data cannot leave the organisation? What regulatory obligations apply?
Deployment is structured. Pilot groups validate design assumptions before organisation-wide rollout. Policy is tuned iteratively based on real user behaviour, not theoretical models. Edge cases are surfaced and addressed before they become escalations.
Operations continue beyond go-live. Security posture does not remain static. Threat patterns evolve. Your organisation changes. New applications are deployed. Acquisitions introduce new user populations. The architecture must adapt. Proactive maintains operational engagement throughout the lifecycle, not just the initial build.
Support is delivered pan-India, with teams in Delhi, Mumbai, Bengaluru, Chennai, Pune, Hyderabad, Indore and Chandigarh. When an issue arises at 9 pm, local engineers respond, not a remote helpdesk reading from scripts.
This delivery model aligns with how Cisco evaluates Preferred Security Partners: lifecycle ownership, consistent outcomes, regionally distributed execution capability. Customers gain certainty that the partner can support what they sell.
Moving to a Zero Trust Network Access solution does not require a forklift replacement. The transition happens incrementally.
Start with identity. Consolidate your user directory. Enforce multi-factor authentication. Map users to roles. Define what each role needs to access.
Pilot on low-risk applications. Choose a non-critical system with a small user group. Deploy Cisco Secure Access for that application. Validate that the policy works as designed. Gather user feedback. Adjust.
Expand iteratively. Add applications in phases. Increase user populations gradually. Monitor each deployment for anomalies or friction. Refine policy based on observed behaviour.
Retire legacy remote access as coverage expands. Once critical applications are behind Cisco Secure Access, the VPN becomes redundant. Shut it down.
Throughout this process, keep operations stable. Users should not experience authentication fatigue or workflow disruption. If security creates friction, users will find workarounds. If the experience is seamless, adoption is smooth.
This phased approach typically delivers a 40 per cent reduction in remote access infrastructure costs within the first year, driven by VPN licence retirement, reduced help desk tickets, and consolidated security stack.
The threat landscape of 2025 is defined by automation, AI-generated phishing, credential marketplaces, and ransomware-as-a-service. Attackers operate at scale. Defence must operate at a greater scale.
Cisco Secure Access benefits from Talos threat intelligence: analysis of 600 billion daily requests, research from one of the largest commercial security teams globally, and machine learning models trained on decades of attack data. 91 per cent were willing to recommend Cisco SSE as of August 2025, based on peer reviews emphasising performance, user experience, and operational integration.
Regulations will tighten. The DPDP rules are only the beginning. Organisations that can demonstrate continuous verification, application-level access control, and real-time monitoring will find compliance easier. Those still relying on perimeter models will struggle.
Cisco SSE aligns with ISO 27001, SOC 2, and NIST frameworks, providing audit-ready evidence of access controls, privileged access management, and security posture assessment across distributed environments.
Remote work is permanent. Distributed teams are not a temporary accommodation. They are the operating model. Security must reflect this reality, not resist it.
For Indian organisations managing teams across tier-1 metros, tier-2 cities, and industrial clusters, secure remote access is not an IT initiative. It is a business continuity infrastructure.
The perimeter dissolved years ago. The attack in Pune was not an anomaly. It was a preview of what happens when security architecture lags operational reality.
Zero Trust Network Access solution shifts the foundation from assumption to verification. It replaces broad access with granular control. It treats location as context, not credential. It assumes breach and limits damage.
Cisco SSE delivers this as infrastructure, not theory. Proactive Data Systems deploys it as a lifecycle capability, not a one-time project. If your organisation operates across distributed locations, supports remote teams, or manages sensitive IP in IT services or manufacturing environments, this is not an optional upgrade. It is a structural necessity.
Proactive Data Systems is a Cisco Preferred Security Partner delivering Zero Trust architecture for mid-market and enterprise organisations across India. We design, deploy, and operate Cisco Secure Access environments for manufacturers, IT services firms, and regulated enterprises requiring continuous verification and application-level access control.
Our India delivery model supports pan-India execution with regionally aligned teams in Delhi NCR, Mumbai, Bengaluru, Chennai, Pune, Hyderabad, Indore, and Chandigarh. We maintain lifecycle ownership from architecture through long-term operations, ensuring your security posture adapts as threats and business requirements evolve.
Portfolio-specific validation under the Cisco 360 Partner Program reflects delivery capability across network security, identity, and Zero Trust environments. This is not vendor status. This is measured performance in real customer environments.
Schedule an architecture review to assess how the Zero Trust Network Access solution applies to your distributed operations, regulatory requirements, and application environment. We work with organisations that need certainty, not experiments.
Contact Proactive Data Systems. Verify your assumptions. Limit your exposure. Demonstrate compliance. Write to [email protected]
