When the world hit pause during the pandemic, home offices, remote work, and the adoption of cloud-based business applications created new avenues of attack for cybercriminals. Distributed denial-of-service (DDoS) attacks, malware, ransomware, and other criminal and disruptive activity surged significantly. A report by Omdia found that there have been an increase in security attacks on enterprises since 2020 across network applications, public and private clouds, and fixed and mobile endpoints.
Along came SASE, or Secure Access Service Edge, a framework that promises a better and more secure integration of software-defined networking and cloud-based security. Though the concept was first coined in 2019, it unsurprisingly rose to popularity in the last two years. If you are wondering whether it works and if it is enough to curb cyber threats – the short answer is yes, though its effectiveness depends on how SASE is deployed in the organisation.
First off, what exactly is SASE?
SASE is defined as a cloud-based offering which combines the functions of SD-WAN with performance-enhancing and security features, such as cloud access security broker (CASB) and zero-trust network access (ZTNA). To break down what that means –
- Cloud Access Security Broker (CASB): CASB acts as a bouncer between users and cloud providers. As an intermediary, this solution extends visibility and allows enterprises to enforce security policies in a cloud-specific environment. Users can safely access SaaS apps without fear that cloud providers will threaten confidential data.
- Zero-trust network access (ZTNA): ZTNA takes an identity- or context-based approach to network access. In essence, this security solution denies users, devices, or applications access to services by default if they haven’t been explicitly granted permission by the organisation. Unlike VPNs, which use an implicit trust framework, ZTNA explicitly verifies users’ identities before permitting network access.
What changed during the pandemic
Now, let’s set the scene back to 2020. Then, many enterprises were pressured to accelerate digital initiatives. Suddenly, IT and security teams needed to connect and secure employees over internet services. This meant migrating business applications and workloads to the cloud so employees could continue to perform their jobs and maintain business operations. Companies had to dial up their investments and focus on security.
A new enterprise survey by Omdia compared results from 2020 and 2021 and found that the 18-month investment plans for enterprises show a steady increase in all areas of security, reflecting growing concern over ever-evolving security threats. Key areas of investment growth include traditional security capabilities such as firewalls and increased focus on protecting data and applications by tightly managing access to network and business applications.
These findings represent an encouraging sign of companies moving in the right direction, but another key one stands out. The survey found that enterprise SASE adopters are happy with their deployment and operating experiences, with satisfaction ratings reaching the highest Omdia has recorded for any network transformation service since 2017.
What it takes to deploy SASE successfully
According to Gartner, by 2025, at least 60% of enterprises will have explicit strategies and timelines for SASE adoption encompassing user, branch and edge access, up from 10% in 2020. There are several approaches to deploying SASE, each with inherent benefits and challenges. The theoretical ideal is the single source approach, with one technology provider delivering a full SASE solution.
However, it’s worth noting that the reality is different as most vendors in the market cannot provide one or several of the key SASE components. Leading vendors are moving toward being able to deliver a mature and complete solution, but currently, most organisations that are deploying SASE find themselves needing to select several vendors. Typically, a two-vendor solution is an approach to mitigate complexity as it offers a fair compromise, with one provider focused on SD-WAN and network functionality and another on the various security features. Deployments featuring three or more vendors are also common, with multiple providers for the security components of the solution, but industry analysts predict that most organisations will look to consolidate vendors as the market continues to mature.
A truly successful deployment hinges on the company’s security strategy and taking a consultative approach to network transformation. It is important to remember that SASE is not its own technology or service. The term describes a suite of services that combine SD-WAN with cloud-based security services to protect the company from web-based attacks and unauthorised access to the network and applications. By integrating SD-WAN and cloud security into a common framework, SASE implementations can both improve network performance and reduce security risks. But because SASE is a collection of capabilities, organisations need to have a good understanding of which components they require to best fit their needs.
For example, businesses in markets such as healthcare, retail and financial services often rely on remote workers to staff contact centres. Since these employees access confidential data online and communicate with customers via web chat, text and telephone, the enterprise needs to identify and implement security solutions catered to those channels.
It is also critical for companies to ensure collaboration across teams. Historically, network and security have been handled by different teams with different priorities and views. As such, integrating network and security and finding a way to unify teams to foster information and data sharing can protect the overall organisation.
Setting ourselves up in the new era of working
We will find ourselves taking diverse paths in this complex network environment, be it deploying SASE independently or with the help of a managed service provider. But our destination is the same. All of us are looking for an integrated, robust approach that secures all aspects of the enterprise environment from headquarters and branches to data centres to devices, people, and applications. Those who have yet to get started on SASE ought to, and those who have already started should review their present processes to make sure it is deployed in the most effective way possible. Ultimately, SASE is an approach that will benefit us in the long term in this new era of working.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.