As remote work has become more common precipitated by the pandemic, the attack surface for a company’s network has also increased.
With employees accessing the network from a variety of locations, the corporate network perimeter has moved to the device endpoint, and with that comes a new set of security considerations and potential vulnerabilities. Implementing the right cybersecurity measures is critical for IT teams to keep a company protected from bad actors. Regardless of where your employees work from, they need the same level of secure access to tools, services, and applications.
To improve their security posture, businesses are constantly turning to the latest set of cloud-based security capabilities under the Secure Access Service Edge framework, also known as SASE. There are currently different interpretations of what SASE means, potentially making it difficult for companies to decide which solution they really need.
The main components of SASE
The foundation of the SASE concept is the integration of SD-WAN network functions with security and performance-enhancing features such as Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), and Zero Trust Network Access (ZTNA). Since the industry acronym emerged, the definition of SASE has gradually expanded, and what a SASE implementation should look like is still evolving. Therefore, there are several approaches to implementing SASE, each with inherent benefits and challenges.
The theoretical ideal is a single source approach, with one technology provider offering a complete SASE solution. Unfortunately, this approach is hampered by the fact that most vendors on the market cannot provide one or more of the key components of SASE. Leading vendors are moving to be able to offer a mature and complete solution, but today most organizations implementing SASE need to select multiple vendors. To mitigate complexity, a two-vendor solution offers a fair compromise, with one vendor focused on SD-WAN and network functionality and another on various security features. Deployments with three or more vendors are also common, with multiple vendors for the security components of the solution. Industry analysts predict that most organizations will look to consolidate vendors as the market continues to mature.
For many organizations, this has made SASE a new frontier to explore, with countless features, functionality, and limitations to understand and navigate in order to optimize their secure network management.
SASE in today’s world
Despite the somewhat expansive appearance of the nascent market landscape, SASE is poised to become the next big paradigm shift for enterprise network security, promising to reduce complexity and cost, improve performance and latency. of the network and enable companies to adopt a zero-trust model. network access approach as companies migrate to a more permanent hybrid workforce model.
Users gain access to the network based on their identity, device, and application, rather than IP address or physical location. The advantage of this is that it will ensure secure access to company data resources, whether employees are working in the office, from home, or in a nearby cafe.
What companies need to keep in mind, however, is that since it’s still a new technology, vendors are still refining their solutions. The current path to SASE should reflect this: companies should not rush in and jump on the latest technology trend, but rather step back and consider what their needs are.
Evaluating a SASE Approach as the Way Forward
As business leaders begin to think carefully about how to adopt this new security framework to harden their network for the new workforce model, a few key considerations can help guide the decision-making process.
They must first ask themselves how the SASE solution should be designed to address their specific business challenges. This includes how the solution improves the user experience. In addition, they must assess the solution requirements to ensure alignment with their risk management strategy. Finally, they should carefully assess the advantage of opting for managed security versus a do-it-yourself approach to get the full benefit of cloud security functionality integrated with network functionality.
When in doubt, always consider working with a trusted advisor who can demonstrate a strong understanding of the expanding cyber threat landscape and the most effective technologies to protect against network breaches. Also, look for providers that have professional service resources that can help you assess key security considerations and optimized approaches for your business.
About the Author
Samir Desai, Director of Managed Services at GTT. GTT connects people in all organizations, around the world, and to all applications in the cloud. Our customers benefit from an exceptional service experience built on our core values of simplicity, speed and agility. GTT owns and operates a global Tier 1 Internet network and provides a full suite of cloud network services.
Featured image: ©Eduard Muzhevskyi