As many businesses continue along the digital transformation journey, cloud technology has enriched working life by enabling daily collaboration, but this presents many new security challenges and risks. Legacy or traditional security methods, that may have been successful for securing data that resided on-premises, is now obsolete particularly, as there are many users who are accessing this data that are unversed in how to handle the cloud infrastructure and its issues.
Sundaram Lakshmanan is CTO at Lookout.
This is resulting in data breaches, leaks, exposures as well as ransomware attacks making headlines in the news. Data is fluid, travelling everywhere and therefore enterprises require a security framework designed to meet the demands of this agility. Moreover, with hybrid working now becoming a formality for many organizations, the traditional security perimeters are too restrictive and no longer adequate. To embrace the benefits of cloud security, the security framework that aims to solve the challenges of the modern cloud security environment is the secure access services edge (SASE).
One framework designed to solve the challenges of the modern cloud security environment is the secure access services edge (SASE).
What is SASE exactly?
The SASE cybersecurity framework has been made with the current remote/hybrid working approach in mind. With employees working from anywhere, the traditional four walls of a company don’t apply because the perimeter or “edge” of an enterprise’s network is now endless. SASE sets out to bring together security and network capabilities in the cloud without any sacrifices on performance, security and usage.
Depending on the application or platform used there will most likely be security policies in place as default, but some may not. Tracking each and every one will consume an abundance of time and resources which will burden your security team. Furthermore, there aren't any assurances that the same security policies are being used across the whole network which makes securing personal or unmanaged devices difficult.
Having a level of visibility on these devices is essential because how can one determine if a user that is trying to gain access to data is an actual threat? Security teams need to know such information and require a holistic view of certain criteria: location of the user, what device is being used, the data trying to be accessed, the behaviors when they’ve logged in and if this matches typical behavioral patterns. The importance of visibility and control cannot be underestimated.
But there are technologies that can assist. For instance, zero trust network access (ZTNA) and Cloud access security broker (CASB) solutions – two key components of SASE that can help achieve this across cloud and private or on-premises infrastructure and apps. Additionally, secure web gateways (SWG) provide monitoring and control shadow IT access over the internet while preventing unsecured internet traffic from entering an organizations internal network. Having this level of protection creates a visible ecosystem where security teams can observe laptops and mobile devices on the network, check if they have endpoint protection, and monitor if the desired policies have been implemented across the entire infrastructure and the data. Contextual signals are relayed from the solutions to the devices and the more contextual data points seen, the higher the chance there is of ensuring secure users and devices are accessing your data. These are the foundations that make a successful SASE strategy.
It's also worth noting that SASE is ideal for any sized organization having difficulties protecting sensitive information in a hybrid or remote working environment that also want visibility on the devices connecting to the network and control over who is accessing their sensitive data in a cloud environment.
Getting SASE implemented and deployed
The SASE implementation journey can be substantial but also depends on the organisation and its needs. An obstacle that regularly surfaces relates to the strategy and mindset regarding security with it long thought that IT and security teams view security as a specialty.
When it comes to cloud-delivered security products, many organisations buy dedicated products for each use case before allocating specific teams for each security operation. This divide and conquer mentality is insufficient for security. Instead, a unified platform approach is the optimum strategy to reap the benefits from a SASE approach.
Deployment of SASE will also take time so don’t expect it to happen overnight. Identify and address the most critical areas in your environment first. If remote access is needed, ensure ZTNA is deployed. If they are cloud apps which have sensitive data, have a CASB solution to protect the proprietary data. But can all these functions and solutions – ZTNA, CASB or SWG – be integrated and work together in unison? It is common practice for vendors to offer each solution individually but there is no guarantee that they will integrate harmoniously. Therefore, it is highly advised for organisations to seek out a unified platform that can achieve this. A key method to evaluate if a platform can integrate is to assess the monitoring and policy enforcement abilities.
When searching the market for a SASE solution, ensure the following are covered by the unified platform:
- Full visibility of user behavior is provided
- Analysis of the endpoint risk posture with data sensitivity given
- Consistent policies across cloud apps, private apps and internet access can be enabled and enforced
To meet the modern cloud-first hybrid-world business models of today, security architectures must be adaptable in order to facilitate business objectives in a secure manner. The traditional perimeter is no longer stagnant. Instead, it is constantly evolving and, to ensure all users, endpoints and data are protected, SASE, which is widely viewed as being the future of security, should be implemented.
