It’s called SASE, or Secure Access Service Edge – but perhaps only for now. When the next analyst firm puts a label on it, the acronym will have competition, but the letters describing the newest concept in security could spell anything: it’s the solution behind them that matters. SASE was named first by Gartner to describe a new type of SaaS product that combines both security functions (such as the ability to deploy 2FA, firewalls, or traffic monitoring) with networking tools (micro-segmentation, access rules, Hosted VPNs) so that companies can streamline their consumption of these two crucial ideas.
Easier deployment of security across disparate cloud and local networks, and easier setup and management of said networks are just the icing on the cake. The revolutionary benefits of SASE go deeper, and entail tangible advantages that are inspiring enterprises in extraordinary numbers to adopt the solution – or at least to initiate a transformation in SASE’s general direction. In just a handful of years, SASE will have transformed the security landscape to be nearly unrecognizable.
Users like yourself might not intend to do damage or expose the network, but now that we connect to countless apps spanning the cloud, and with many more devices, we each present a unique risk. The skyrocketing prevalence of insider breaches, and not those occurring from the outside, are one primary reason why SASE is a future-focused tool. Since 2018, data breaches caused by insiders have risen by a whopping 47%, and 68% of firms cite this as their chief security concern. Consider also that it’s common for companies to conceal breaches caused by an insider and to not report them, so their consequences and frequency are worse than reported.
SASE is inherently user-centric, meaning that the security and networking functions typically included in a SASE setup help IT teams to follow and restrict users through their network journey. This is better than giving them approval for unlimited access at the door, as we used to do. It might sound like a lot of work, but the tools provided by a SASE solution allow it to happen in a very scalable way.
We all know that network resources have varying sensitivities: The local server containing a proprietary algorithm is more sensitive and therefore should be restricted to more people than, say, a cloud-based Salesforce app. Perhaps only a few trusted developers and the CEO need access to the former, while several departments use the latter every day. Selective access to certain parts of the network used to require hardware and software together, plus lots of manual work from the IT team. SASE makes it easy from a single spot in the cloud.
The two features that underpin user-focused security, also known as Zero Trust security, are micro-segmentation and access management based on Identity Providers (IDP). IT can enforce user logins via a centralized IDP like Okta or Google, and then based on the user or their device, automatically apply relevant security to them. This might include a specific encryption protocol, a custom access profile for resources, 2FA, and much more. When a new part-time worker abroad is onboarded, IT can enter their administration panel, quickly assign the employee an IDP, and drag and drop it into a profile built to consider all the various data sensitivities relevant to remote contractors, limiting access accordingly.
The benefits of SASE are highlighted when thinking about how much effort IT teams go through to close gaps in the network. Unification of two ideas close to the heart of any IT manager – networking and security – can bring the resources they are tasked with protecting under one roof and their job much easier. The cost savings are also mouth-watering for enterprise IT managers, who are able to trim their towering stacks, and get leaner and meaner than ever before.