Our daily business practices increasingly take place in the cloud. Much of our data is stored there, including sensitive data, which faces many emerging risks. What about security practices? Conceived in a traditional way, when sensitive data has essentially remained in place, it turns out to be anachronistic, if not obsolete. Indeed, most people accessing data are not equipped to address the scale of cloud infrastructure and corresponding vulnerabilities. Today, data moves everywhere, and organizations need a security framework designed to protect that data.
One of the frameworks designed to address the challenges of the modern cloud security environment is Secure Access Services Edge (SASE).
What is SASE?
SASE is a cybersecurity framework designed for today’s remote work environment, where the perimeter or “edge” of corporate networks is no longer defined by the four walls of the organization. It aims to bring together security and network functionality in the workplace.
Each application or cloud platform has different standard security policies or even no default security policies. Managing each of them individually would require all the time and resources of the IT team, and you can’t be sure that the same policies are applied to the entire infrastructure. Additionally, employees often use personal or unmanaged devices. As a result, an organization’s ability to see what’s happening in cloud services and enforce common security policies is diminished.
To determine what a threat is, security teams need to be able to understand the context in which an employee is attempting to access certain data. For this, visibility and control are essential. CASB (Cloud Access Security Broker) and ZTNA (Zero Trust Network Access) solutions allow you to do this on cloud infrastructures and applications, private or on-premise. Secure Web Gateways (SWGs) allow you to monitor and control access to parallel computing on the Internet. If you can add contextual cues from laptops and mobile devices to endpoint protection, you’re more likely to implement uniform policies across your infrastructure and data.
The more contextual data points you have, the more you can ensure that only authorized users access your sensitive data through known and secure endpoints. Together, these elements form the essential components of a successful SASE strategy.
There is a misconception that SASE is only useful for large enterprises, but all organizations using sensitive data in a hybrid environment (cloud and on-premise) may consider SASE as an option to regain the visibility and control that the Traditional security products no longer have in a cloud-like environment.
How to implement a SASE policy
As with any major security implementation, implementing a SASE policy is a path that can vary from organization to organization.
One of the biggest challenges has to do with strategy and mindset. For decades, IT and security teams have treated different parts of security as a specialty, be it data loss prevention (DLP) or GDS. As a result, even with security products provided by default in cloud services, organizations continue to purchase products dedicated to different use cases and divide their security operations into isolated teams. To leverage SASE, you need to take a unified platform approach rather than a check-the-box mindset.
At the implementation level, implementing a SASE policy can be done in a short period of time, but it won’t be a drastic change that will happen overnight. For any organization, you must start with the areas with the highest added value. It could be proprietary software that you run locally and now requires remote access. This involves Zero Trust Network Access (ZTNA) to ensure that access is granular and dynamic and does not expose the rest of the corporate network. You may have cloud applications that contain sensitive and proprietary data, which you can start putting behind a Cloud Access Security Broker (CASB).
One of the main questions will be whether these different functions, such as ZTNA, CASB or SWG, can integrate with each other. Some vendors sell these SASE technologies separately, but they may not integrate well. One way to overcome this obstacle is to use a unified platform.
An important test to see if a platform is integrated is to assess its monitoring and policy enforcement capabilities. A suitable SASE solution must provide complete visibility into user behavior, endpoint integrity, and the sensitivity of manipulated data. The platform must then be able to leverage that data and enforce consistent policies for cloud apps, private apps, and internet access.
The future of security
In summary: it is now necessary to extend its security apparatus beyond the traditional perimeter. Security architectures must adapt to today’s increasingly cloud-based business models and adapt to a perimeter that is now constantly in motion.