Adding complexity through simplification: Breaking down SASE
In an industry that’s not short of jargon and buzzwords, cybersecurity has a new acronym to reckon with: SASE, or secure access service edge.
Introduced by Gartner in 2019 and initially a niche term that was used by around one percent of enterprises, current predictions suggest that by 2024, 40 percent of businesses will have implemented SASE as a security strategy. The SASE phenomenon has every appearance of going beyond the hype stage and entering the mainstream toolbox for cybersecurity officers everywhere.
But there’s a challenge here, and one that experienced CIOs and CSOs will be familiar with. How to explain this new phenomenon to the executive board in order to justify the direction of company resources to it?
Keeping SASE simple
Even in the most benign circumstances, that conversation is familiar, frequent and often frustrating. After all, cyber attackers are only really limited by the time needed to develop new vectors to attack and this is an industry that moves incredibly quickly.
In this instance, building a case for the SASE approach has an added complication. It requires the CSO to delve deep into the alphabet soup of cyber-security and explain IAM, SWG, CASB and ZTNA, before going on to FWaaS and SD-WAN. It is hard to imagine a situation more perfectly designed to alienate the audience.
Getting this right is important. Because SASE really is a significant step forward, especially for today’s dispersed, fragmented and highly complex networks. And despite our industry’s well-noted habit of hiding the benefits and alienating our end users with esoteric language and obscure abbreviations, we need to build both their understand and with it their confidence in the systems that are being protected.
One thing we have all learnt is that when end users don’t feel comfortable using a system, they’ll find an alternative – and develop a whole new security gap to be plugged. If security is everyone’s business, then keeping it simple is absolutely essential.
Making SASE practical
So, what are the key things to understand about SASE? Gartner defines it as a package of technologies that has SD-WAN, SWG, CASB, ZTNA and FWaaS as core abilities, and which has the ability to identity sensitive data or malware and can decrypt content at line speed – and continuously monitors sessions for risk and trust levels.
In practice, that means that SASE brings together today’s most important security elements as a single service for reliable, high-quality networking in today’s increasingly complex environment.
Because SASE allows key security functions to be moved from the network edge to the cloud, organisations can build a flexible cybersecurity operation that is inherently flexible. Critical security requirements can be segmented and located in accordance with specific operational needs. And, although it supports all users and all devices in a fragmented network, rules and privileges are still set, delivered and managed centrally to retain that essential element of control.
Crucially SASE solutions can be designed and delivered as a managed service to avoid both spiralling costs and the need to add extra capacity and competence to existing in-house teams. That, too, is important at a time when skilled cybersecurity experts are a much sought-after but hard-to-find commodity.
A multi-solution approach
What puts momentum behind SASE is that it enables cloud security systems that can be scaled, added to or reduced to core components as needed. In other words, it matches the way that network capacity is increasingly being conceived, planned, executed and delivered.
It is probably not strictly accurate to talk a of a single SASE solution. As Gartner points out, SASE is really about a package of individual solutions working closely together. That typically includes a secure web gateway, a firewall, cloud-access security brokers and zero-trust network access throughout – all underpinned by an SD-WAN.
The cloud service itself can – and should – also include focused security essentials such as multi-factor authentication with biometric validation, advanced threat protection, inspection of encrypted traffic for zero-day threats, remote working VPNs, and endpoint security.
SASE and cybersecurity: Talk about trust
One of the more notable features of SASE is that it is rejuvenating conversations around zero-trust access models – a highly desirable but so far elusive goal for many security managers. Because SASE is all about contextualising user- and device-identity while setting individual rules for access it fulfils the ZTNA need to give access to users, devices, or applications only to traffic coming from other users, devices, or applications that have been authenticated.
And these are the things to talk about. Because everyone expects their corporate network to be secure, but few understand the challenges that presents – or even what today’s network looks like. Everyone wants control. But they don’t want that control to compromise their work or their freedom. They want to share data freely: but only with the people, and by extension the devices, they know and trust.
For those of us immersed in the complexities and challenges of modern networks and the way they are used, SASE is an exciting paradigm to be explored and adapted. For our end users though it is all about a simple and flexible approach to security that keeps them in control of their operations – even as the network they operate on evolves at speed.