The Secure Access Service Edge (SASE) Security Model

The-SASE-security-model_

As we shift further towards remote working environments, it’s becoming clear that we’ve passed the point of no return. We can no longer put off addressing the security of our networked infrastructures. However, organizations face considerable logistical and organizational challenges in approaching this issue. A new security model, SASE, may just help in charting a course forward.

As the diversity and number of an organization’s cloud and network-based assets expand, so do its threat surface and potential attack vectors. With a more remote and mobile workforce, this problem is compounded. More information than ever is flowing from central data centers to cloud services and user endpoints, such as SaaS (software-as-a-service) platforms and edge devices/applications.

With users accessing private assets through public channels and in and from less secure contexts, there is also an increased risk of human error or insecure practices compromising your network.

Conventional security models can no longer keep up with the expanding nature of cloud-integrated networks. Currently, organizations rely too heavily on point products, each managing a separate aspect of security. However, this introduces a number of problems regarding scalability, complexity, cost-effectiveness, etc.

 

LIFARS Remote Worker Cyber Resilience Service gap Analysis testing as well as remediation guidance for your remote work cyber infrastructure. Protecting remote workers from cyber attacks.

 

The SASE security model aims to integrate all of these separate services into a single solution for network security. In Gartner’s own words:

“The secure access service edge is an emerging offering combining comprehensive WAN capabilities with comprehensive network security functions (such as SWG, CASB, FWaaS and ZTNA) to support the dynamic secure access needs of digital enterprises.”

A fully implemented SASE architecture will help solve key challenges surrounding security cloud-based, remote network, such as:

  • Identifying users, groups, and devices.
  • Applying and managing policy-based security.
  • Enabling secure access to devices or data.

This model was put forth in a report by GARTNER, titled “2021 Strategic Roadmap for SASE Convergence.”

From Gartner themselves: “SASE capabilities are delivered as a service based upon the identity of the entity, real-time context, enterprise security/compliance policies and continuous assessment of risk/trust throughout the sessions. Identities of entities can be associated with people, groups of people (branch offices), devices, applications, services, IoT systems or edge computing locations.”

Gartner expects that, “by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018.”

Gartner also believes that business leaders should make immediate provision for the adoption of the SASE security model: “Digitalization, work from anywhere and cloud-based computing have accelerated cloud-delivered SASE offerings to enable anywhere, anytime access from any device. Security and risk management leaders should build a migration plan from legacy perimeter and hardware-based offerings to a SASE model.”

What are the Benefits of Adopting the SASE Security Model?

The benefits of a properly implemented SASE approach is that it allows organizations to provide secure access, regardless of the physical location of their users, networked devices, applications, and what cloud-based services they use. This will become progressively vital to uphold security and continuity in increasingly remote working environments.

  • Enterprises could benefit from adopting SASE architectures in a number of ways:
  • Reduced cost of ownership by reducing or eliminating CapEx and OpEx costs
  • Flexibility in the face of increasingly complex networked systems
  • Reduced complexity due to consolidating your entire security stack into a single solution
  • Increased performance thanks to leveraging the scalability and flexible access of the cloud
  • Enhanced data protection, threat prevention, and Zero Trust policies
  • More effective and efficient network security thanks to centralized policies and local enforcement

 

 

Sources:

2021 Strategic Roadmap for SASE Convergence