Supporting the security of a distributed workforce

A man working on a laptop in his kitchen and checking his smartphone.
(Image credit: Vlada Karpovich / Pexels)

Enterprise WAN architectures have undergone seismic shifts in recent years. To accommodate today’s new enterprise realities and support a distributed workforce, there’s growing investment from businesses to secure and optimize at the edge of the corporate network. Many organizations are increasingly moving to adopt secure access service edge, also known as SASE, which merges secure connectivity and cloud-delivered security.

About the author

Neil Miller, Director of Solutions Engineering EMEA at Cisco ThousandEyes (opens in new tab).

However, the increased adoption of the cloud-delivered SASE model does not come without its challenges. As the ultimate delivery mechanism and connective tissue, the Internet has become a critical lifeline for business-critical networks, applications (opens in new tab), and services, as these key enterprise resources expand beyond the corporate perimeter and the control of IT. 

Tools such as cloud access security brokers and VPNs (opens in new tab) can directly affect the running of key services and applications on which remote employees now depend - and 64% of organizations believe network security is a more difficult beast to navigate than two years ago.

Traditional monitoring tools can’t keep up with this evolution, and businesses simply cannot afford to remain blind in today’s borderless IT environment while their employees (opens in new tab) struggle to do their jobs effectively from home. So how can businesses feel confident in deploying and optimizing SASE, without impacting usability and performance of applications and services that remote workers rely on?

Cloud-first, SASE-first

The workforce as we know it has changed as a result of the pandemic, transitioning to one that is largely decentralized. In fact, remote workers represented 32% of all employees worldwide at the end of 2021. With many employees now connected to enterprise networks from remote locations, layer upon layer of complexities are added to the enterprise architecture. As a result of this change, organizations are facing a crucial need to reconsider their security at the network’s edge. Upon doing so, many have found that a centralized security stack within the data center is no longer a viable option for their new distributed workforce.

In essence, employees are now dependent on consistent access to applications in order to remain productive and happy, with 76% stating that they expect as much when accessing resources and applications regardless of whether they’re in-office or working remotely. Meanwhile, business leaders are also reliant on stable security solutions in order to protect investments. Further to this, enterprise network teams have long anticipated the evolving needs of businesses and have therefore transformed networks with SD-WAN and secure client access. All of these trends add up to an increasingly Internet-dependent enterprise environment which requires a new approach to securing and optimizing for successful performance.

As a result, we’re seeing fast-track investments into new network architectures to transform digitally and to allow for an adaptive, customized network infrastructure that can respond to changing needs. In the next three years in fact, Gartner predicts that 60% or more of enterprises will have explicit strategies to adopt cloud-delivered SASE.

The visibility gap that impacts employee experiences

While SASE streamlines secure access and security in a predominantly cloud-first world, it’s inevitable that increased cloud adoption brings with it new business dependencies. These can include cloud access security brokers (CASB), secure web gateways (SWG), and zero trust network access (ZTNA) - and that’s just the start.

The move to SASE means relying more on external networks and services that IT doesn’t control, resulting in blind spots that can impact the performance of the applications and services that hybrid workers rely on. You might think that this can be combated by implementing legacy network monitoring tools, but the primary role of such tools is to collect passive data (opens in new tab) from on-premises infrastructure - a diminishing component of enterprise operations. 

And when you consider that today’s network paths consist of many more hops over longer and more complex segments (e.g. Internet, security, and cloud providers) that are not within an IT team’s purview, it’s clear that these tools are simply no longer a solution in this Internet-centric environment.

So how can businesses ensure that these dependencies work alongside the security policies they enforce to provide an uninterrupted digital experience? And how can they isolate and resolve issues when so many domains and providers are involved in delivering every digital experience?

Seeing before you SASE

To maintain reliable connectivity in this highly distributed architecture, IT teams require end-to-end visibility into the entire digital supply chain and infrastructure - a non-negotiable in today’s business world. They can do this through verification and synthetic monitoring, allowing them greater visibility into how underlying networks are managed, which in turn enables them to monitor performance and locate and fix issues as quickly as possible.

The key thing here is that this visibility can be turned into actionable intelligence to proactively monitor and optimize application performance and employee experience. This essentially provides IT teams with a magic ticket to not only empower workers with a seamless application experience, but also to ensure that their SASE architecture fortifies their business’ security posture.

Synthetic monitoring provides enterprises with insight into the experience of any application from wherever users are sitting, while simultaneously enabling them to understand every dependency that can influence the experience outcome. So even when businesses no longer own the underlying transport, services, and applications, they are still able to ensure a reliable and always-on user experience - and crucially, can also ensure that robust resilience measures are in place to avoid impacting the usability of the worker. 

It is through this enhanced visibility that businesses can access a deeper understanding of their infrastructure, and ensure the digital experience they provide to both their employees and customers (opens in new tab) is seamless.

We've featured the best business computers.

Neil Miller, Director of Solutions Engineering EMEA at Cisco ThousandEyes.