Security Strategy, Plan, Budget, Cloud Security

Out with the old: adopting a SASE-first mentality

Today’s columnist, Etay Maor of Cato Networks, writes that Gartner may come up with innovative new terms, but companies need to decide which option works best for them: SSE or SASE? (Credit: Gartner)

After an unpredictable and incredibly challenging year, the economy has mostly recovered from the pandemic. Over the summer, employers aggressively added hundreds of thousands of jobs, many of which include at least some amount of remote work. Most enterprises now recognize the benefits of hybrid work for employee engagement and efficiency, and especially with the most recent Omicron wave, it’s become clear that the pre-pandemic status quo of every employee working together in a single office five days a week has become a thing of the past.

With the popularization of hybrid work, businesses are challenged to manage disparate networks with many new remote points of connection constantly being added from private offices. Organizations must rethink security to capture the increase in global connectivity without compromising the efficiency of hybrid work. Security Access Service Edge (SASE) will help companies more effectively manage enterprise security strategy in the evolving hybrid work environment. Adopting a SASE-first mentality will complement the advances needed for a modern workplace while securing the network wherever an employee sits. In fact, Gartner predicts that by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE.

SASE protects all points of connection

Each time an employee logs on from a remote location, a new connection point gets created. For large enterprises, this can easily mean thousands of new connection points are created simultaneously every day. If the security team cannot monitor these new branches all together, it puts the organization at considerable risk. Each of these unmonitored points exists as an attack vector, opening the gates and inviting cybercriminals to access the network. However, in a hybrid work environment, it’s nearly impossible for the IT team to manually manage all connection points around the clock.

With a SASE architecture, the management layer gets centralized through a single and secured cloud point of connection (POC). Instead of individually approving each point, the IT team only needs to concern itself with administrating the single cloud checkpoint where they meet. Moving data center environments and applications onto the cloud will let the SASE architecture automate and modernize secure access to them.

SASE seamlessly prevents threats as data moves from the endpoint through the cloud pipeline. Regardless of the type of data requested, it will have to go through secure web gateways (SWGs), cloud access security brokers (CASBs), firewalls and zero-trust network processes before it can be obtained. Therefore, no matter where and how many points of connection are created, the SASE network monitors access and inspects traffic for attacks at scale without tedious manual monitoring, saving on labor costs while reducing risk.

Security first

There are many considerations enterprises need to make when selecting their network solutions and architectures; however, there’s one that security teams should  focus on. Companies must make security the first priority when deciding on any new network solution, especially given the recent surge in cyberattacks. When companies treat security as an add-on instead of an integrated feature, security gaps are created.

Given that SASE operates from the cloud, it eliminates the costs associated with traditional hardware. The team can conduct network maintenance virtually and simultaneously. Further, SASE’s intuitive architecture lets it recognize and categorize traffic originating from outside the network that may pose a threat. This eliminates many security gaps when the security system innately understands and encapsulates the entire network, seamlessly working in the background around the clock. Covered by the SASE architecture, employees experience better performance from the security services that keep them protected outside the corporate network.

Simplifying deployment and safeguards

Hybrid work can benefit for most employees – except maybe the network operation admins. The same perk that can offer flexibility and balance for many employees can also pose as an additional challenge for operations admins to enforce troubleshooting and remediation routines when employees are outside of their physical access.

SASE comes in handy as upkeep becomes available instantaneously and virtually. With enforcement across emerging and traditional risk vectors, SASE deploys risk evaluations to simplify network operations. Operation admins can focus their efforts on maintaining the overall network performance rather than chasing down its countless subsidiaries.

As hybrid and remote work becomes the standard for every large organization, SASE adoption has become crucial to simplify and strengthen network security. Compared to SASE’s intuitive edge protection and cloud transformation, many organizations will soon find that the moving application access and threat inspection to a cloud-delivered architecture means a reduction in risk and a more agile business.

Samantha Madrid, vice president of security strategy and business, Juniper Networks

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.