Navigating the SASE Maze
By Jonathan Lee, Senior Product Manager, Menlo Security
You would have to rewind to 1726 to find the world’s first office. Originally the result of the British empire expanding and engaging in growing levels of trade, it has become the template from which the vast majority of white-collar work has been completed for the near three centuries since.
Yet, since 2020, the traditional role of the office has been called into question.
The pandemic has had a profound impact that will shape the operations and models of organisations around the world for decades to come. In the case of the workplace, these were previously considered to be vital hubs of productivity; the defining cores of organizational culture and a key factor in securing talent and business.
However, as vaccination campaigns around the world begin to gather momentum, offering up the key to unlocking societies, communities and economies once more, it seems unlikely that many of these buildings will revert entirely to their original purpose.
During the UK’s initial lockdown, the number of those working exclusively at home rose eightfold from 5.7% in January/February 2020 to 43.1% in April 2020. And as we muddle through 2021, it’s becoming increasingly clear that this “new normal” is, at least in part, here to stay – not just in the UK, but globally.
According to Strategy Analytics, the mobile workforce around the world is anticipated to be 1.82 billion strong come 2022, which will account for 42.5% of the total global working population.
It seems, therefore, that hybrid and remote working models may well prevail. But within this shifting physical to digital dynamic, various considerations need to be made to maximise the benefits of such operations.
It is not a case of simply flicking a switch – for companies to continue operating successfully on a physically disparate basis, the right preparations and infrastructure needs to be implemented that can support the challenges of remote working.
Security is one such challenge, and of paramount importance to any business.
Let’s consider the context: Many companies were forced to turn to the cloud almost overnight in order to sustain operations remotely, and since have reaped the rewards, their employees able to conduct work and access productivity enhancing applications with ease.
Ordinarily, with so much sensitive information hosted on these platforms, security should not just be a consideration, but rather the front and centre of such a cloud strategy. There are signs, however, that it has all too often been overlooked.
Where enterprises have shifted to cloud operating models, they have retained the same security practices and policies that were designed for the physical office setups, often supported by on-premises servers – policies that aren’t adequate in a remote arena.
Indeed, a lack of coherent cloud-based security has created vulnerabilities. Somewhat haphazardly, many companies have been relaying network traffic between multiple checkpoints like firewalls, interrupting traffic flow and creating unwanted exposure.
Some have turned to virtual private networks (VPNs) as a resolution, but these are flawed. Not only do they fail to scale, but they can easily create traffic bottlenecks, adversely impacting productivity and compromising security.
So, what’s the solution?
Secure Access Service Edge
A term coined by Gartner, Secure Access Service Edge (SASE) refers to the simplification of networking and security that is achieved by delivering both elements as a cloud service to the source of a connection directly, rather than via an enterprise data centre.
It entails the integration of software-defined wide area networking (SD-WAN) capabilities with network security functions such as CASB, Cloud SWG, ZTNA/VPN, WAAPaaS, FWaaS, DNS and RBI. In doing so, and potentially by integrating with 5G as well, it provides organisations with the opportunity to create frameworks that support today’s dynamic, secure access needs.
From a more technical perspective, it relies on a distributed group of cloud gateways, also known as local points of presence (POPs), that receive traffic from other locations running SD-WAN devices. Within each POP, all security functions and policies – be it web and email security or firewall and access control – are implemented.
Within this framework, security becomes an extension of the user – their data and applications – while visibility and control are maintained regardless of location or device type.
Unlike VPNs and other legacy solutions, SASE has been built with a cloud-first mindset.
Instead of trying to force a square peg into a round hole, resulting in failed remote or hybrid working models suffering from hampered SaaS adoption, it provides complete, seamless protection while equally prioritising productivity.
Indeed, the benefits that it offers are noteworthy.
Take data, for instance. SASE’s integration of networking and security capabilities allows organisations to guard against sophisticated threats while reducing the potential for unplanned data loss.
Productivity is also increased, SASE seamlessly enabling employees to work wherever they are and use the applications that they need without delay or failure. In turn, frustrations with potential bottlenecks that could cause employees to attempt to find workarounds will be eliminated, ensuring an organisation is not inadvertently put at risk.
It is said that SASE is becoming much more of a business enabler for this very reason, helping to move security away from its traditional stereotype as a roadblock in many organisations and towards a new status as a facilitator, allowing companies to capitalise on the advancements of cloud and SaaS applications without having to enforce changes to user behaviours.
SASE isn’t limited to a desktop or laptop either. Mobile devices are often overlooked in security protocols, but it is vitally important that they are protected – these are also potential gateways for hackers. With an integrated cloud security solution that focuses on the device, protective security experiences can also be rolled out on more portable devices that have become part and parcel of remote and hybrid working environments.
Should I consider SASE?
SASE is causing a buzz right now, and for good reason.
Be it bolstered security, enhanced productivity or an improved user experience, enterprises leveraging it have been empowered.
There are some challenges which need to be overcome before SASE can be implemented. The cloud platform needs to be smart, dynamic and scalable enough to deliver secure access to resources, for example, no matter where an end user might be located. Therefore, putting the time and resources into ensuring you partner with the right vendor will pay dividends in ensuring a smooth transition.
Further, it is unlikely that the best approach for businesses would be to buy all the different components of SASE from a single vendor. While a limited number of companies do offer an all-in-one SASE solution, such may result in vendor lock in and significant compromises. Multiple vendors may, therefore, need to be consulted in order to achieve an effective, fully integrated SASE-ecosystem.
What is certain, however, is that for many, this transition could be the key to unlocking their business’s potential in the new, hybrid or remote working normal.
As of 2021, according to the latest CyberEdge Cyberthreat Report, 74% of IT security decision makers are currently adopting technology capable of supporting SASE architecture, with these foundations likely to lead down this path.
While Gartner had originally made predictions that it would take 10 years for SASE to become mainstream, the pandemic has accelerated adoption by between three and five years, meaning it has very much become a reality in the here and now.
Many are looking to adopt it much quicker and embrace its sweeping benefits. Those that do will be well positioned to advance their business on hybrid working platforms for years to come, transforming their organisations into more competitive and exciting prospects.
Those that don’t, however, could be faced with an uphill battle against limited security for users and stifled productivity.