As remote working has become more commonplace, precipitated by the pandemic, a company’s network attack surface has also increased.
With employees accessing the network from various locations, the corporate network perimeter has shifted to the device endpoint, resulting in a whole new set of security considerations and possible vulnerabilities. Implementing the right cybersecurity measures is essential for IT teams to protect a business from malicious actors. No matter where your employees work from, they need the same level of secure access to tools, services and applications.
To improve their security posture, enterprises are gradually turning to the latest set of cloud-based security features as part of Secure Access Service Edge, also known as SASE. There are currently different interpretations of what SASE means, making it potentially difficult for companies to decide which solution they really need.
The main components of SASE
The SASE concept is based on integrating the networking functions of SD-WAN with performance and security enhancing features, such as Secure Web Gateway (SWG), Cloud Access Security Broker ( CASB) and Zero Trust Network Access (ZTNA). Since the industry acronym first appeared, the definition of SASE has gradually broadened, and what a SASE deployment should look like continues to evolve. So there are several approaches to deploying SASE, each with inherent benefits and challenges.
The theoretical ideal is the single-source approach, with one technology vendor providing a complete SASE solution. Unfortunately, this approach is hampered by the fact that most vendors in the market cannot supply one or more of the key SASE components. Major vendors strive to provide a mature and comprehensive solution, but currently most organizations deploying SASE must select multiple vendors. To mitigate complexity, a two-vendor solution provides a fair trade-off, with one vendor focused on SD-WAN and networking features and another on various security features. Deployments involving three or more vendors are also common, with multiple vendors for the security components of the solution. Industry analysts predict that most organizations will seek to consolidate vendors as the market continues to mature.
For many organizations, this has made SASE a new frontier to explore, with a myriad of features, functionality, and limitations to understand and navigate in order to optimize the management of their secure network.
SASE in today’s world
Despite the seemingly sprawling landscape of the nascent market, SASE is poised to become the next big paradigm shift for enterprise network security, promising to reduce complexity and cost, improve network performance and latency and enable enterprises to adopt a zero-trust approach. network access approach as companies migrate to a more permanent hybrid workforce model.
Users access the network based on their identity, device, and application, rather than IP address or physical location. The benefit is that it will ensure secure access to corporate data resources, whether employees are working in the office, from home, or at a nearby coffee shop.
However, what companies should be aware of is that because this is new technology, vendors are still refining their solutions. Today’s path to SASE should reflect this – businesses shouldn’t rush and jump on the latest tech trend, but rather step back and think about their needs.
Evaluate a SASE approach as a way forward
As business leaders begin to think carefully about how they will adopt this new security framework to harden their network for the new workforce model, a few key considerations can help guide the decision-making process. .
They should first consider how the SASE solution should be designed to meet their specific business challenges. This includes how the solution improves the user experience. Additionally, they should assess the solution requirements to ensure alignment with their risk management strategy. Finally, they should carefully weigh the benefit of opting for managed security versus a do-it-yourself approach to take full advantage of cloud security functionality built into network functionality.
When in doubt, always consider working with a trusted advisor who can demonstrate a thorough understanding of the expanding cyber threat landscape and the most effective technologies to protect against network breaches. Additionally, look for vendors with professional services resources that can help you assess key security considerations and approaches that are optimized for your business.
About the Author
Samir Desai, Director of Managed Services at GTT. GTT connects people across organizations, around the world and to all cloud applications. Our customers benefit from an exceptional service experience based on our core values of simplicity, speed and agility. GTT owns and operates a global Tier 1 Internet network and provides a full suite of cloud networking services.
Feature image: ©Eduard Muzhevskyi