Securing SIM-Connected IoT and OT Devices with Zscaler

February 05, 2026

Beyond Wi-Fi: Why Zscaler’s SIM Support Matters for IoT, OT and Everything in Between

Most of us are used to talking about Zero Trust in the context of users and applications. Laptops, browsers, remote access — the usual. But lately, customers have started asking about factory equipment, medical devices, kiosks, fleet systems and all kinds of “things” that sit far outside traditional networks.

And increasingly, those devices are not connecting over Wi-Fi or Ethernet at all — they are using cellular SIM cards.

This shift raises a whole new set of security questions. Historically, there has not been a clean, scalable way to integrate these devices into a Zero Trust model. Zscaler’s newly announced support for SIM-connected internet of things (IoT) and operational technology (OT) devices is a significant advancement because it meaningfully changes what is possible at the edge.

The New Edge Isn’t the Office — It’s Everywhere Else

Walk into any modern business — a hospital, a retail store, a distribution center, a plant — and you will see connected things everywhere. Some are new, some are ancient and many don’t run anything close to a modern operating system.

Many of these devices rely on 4G/5G, providing a convenient and reliable solution while bypassing the complexity of corporate Wi-Fi networks. As a result, IT and security teams have almost zero visibility or control.

That is where organizations get nervous:

• They lack traffic visibility
• They fail to enforce policy
• They lack segmentation capabilities
• And they often cannot patch or harden these devices

This set of vulnerabilities is highly attractive to attackers.

Where Traditional Security Falls Apart

Most of the tools companies rely on — firewalls, VPNs, NAC, VLANs — assume the device is on the network. SIM-connected devices break that assumption.

SIM-connected devices operate in isolation, connecting directly to the internet via mobile carriers and avoiding corporate security checkpoints. So even if a company has invested heavily in Zero Trust for users, they still have this massive blind spot.

This is the moment where customers throw up their hands and say, “We know this is a risk, but what else can we do?”

Until now, the answer has been: not much.

What Zscaler Announced — And Why It Is a Big Deal

At Zenith Live 2025, Zscaler introduced a solution that directly fills this gap: native support for SIM-connected devices and non-traditional endpoints.

In plain English:
With this update, Zscaler can now clearly identify, inspect and apply Zero Trust policies for devices connecting over 4G/5G networks — without requiring access to corporate networks, special hardware or installing an agent on the device.

Here’s what this unlocks:

• The device gets a real identity, not a “mystery IP”
• Traffic flows through the Zero Trust Exchange for inspection
• You can apply least-privilege access and segmentation
• You gain visibility you did not have before — in real time

This aligns SIM-connected assets with the same security model companies already use for users and workloads. It’s consistent, scalable and does not require rearchitecting networks that were never built with IoT or OT in mind.

So, How Does It Actually Work?

Without getting overly technical:
SIM-connected devices talk to the mobile network as usual, but instead of going straight out to the internet or back to a vendor, traffic gets steered to Zscaler’s cloud.

From there:

• Zscaler authenticates the device
• Applies the right security and access policy
• Logs and inspects traffic
• Enforces segmentation and threat prevention

There is no reliance on corporate Wi-Fi or LAN infrastructure, nor any requirement for private tunnels, custom APNs or complex firewall routes.

It is simply Zero Trust delivered through the network the device already uses.

Where Customers Will Use This (And Where You Can Start Conversations)

This is one of those releases where the use cases immediately jump out:

Manufacturing

Factories are full of sensors, robots, PLCs and vendor systems running on private LTE/5G. Many are legacy machines that cannot be touched. SIM-based Zero Trust lets you isolate each one without redesigning the plant network.

Healthcare

Medical equipment is increasingly connected and often relies on cellular links. With Zscaler, organizations get visibility and policy control without relying on the device OS or hospital network.

Retail and Logistics

From point-of-sale terminals to delivery tracking devices, cellular connectivity is everywhere. Zscaler gives organizations a way to secure them consistently, reduce fraud risk and keep operations running.

Energy and Utilities

Remote sites, substations and distributed sensors can finally be brought under centralized visibility and policy — even if they sit in the middle of nowhere.

If your customers operate in any of these industries, this is a strong entry point for strategic Zero Trust conversations.

How to Talk About This with Customers

Rather than delving into mobile network architecture or packet paths, address these practical benefits:

• “If it connects, it can be secured — even if it’s not on your network.”
• “You can apply the same Zero Trust model you already use, now extended to devices.”
• “No hardware refresh or network redesign required.”
• “This closes a major blind spot without adding complexity.”

These messages land well with both IT and OT stakeholders. They are clear, outcome-oriented and speak directly to risk reduction and operational efficiency.

The Competitive Angle

Many vendors are trying to bolt IoT security onto existing firewalls or SD-WAN solutions. It works as long as the device is on the network they control. But the second a device uses a SIM, that entire model collapses.

Zscaler sidesteps that limitation by making the cloud the control point — not the physical network. It is a fundamentally different (and more future-ready) approach.

This is where the conversation naturally shifts from ’point feature’ to ’platform advantage.’

Why This Matters Right Now

Organizations are rapidly expanding their edge footprint, often faster than they can secure it. Private 5G is growing. More equipment is coming online. OT teams are connecting gear that has been isolated for decades.

Security teams need a way to manage all of it without having to manage it all — and this release helps bridge that gap.

It is a practical, scalable way for customers to extend Zero Trust to devices they have not been able to reach before. And it opens the door to larger discussions around identity-based security, telemetry, segmentation and long-term risk reduction.

Final Thoughts

This is not just another feature update — it is a meaningful shift.

SIM-connected devices have been a blind spot for years, and Zscaler’s approach finally gives enterprises a straightforward way to bring them into the Zero Trust fold.

For customers in manufacturing, healthcare, retail, logistics, energy or utilities, this is a great conversation starter. Most of them already know they have exposure in this area. They just have not had a practical option for fixing it.

Take the initiative — connect with your customers today and show them how they can secure their SIM-connected devices, finally closing a critical security gap.