Utilizing Secure Access Service Edge (SASE) To Protect Your Remote Workers
By Tim McCulloch, Director of Solution Architecture, cStor
During the peak of the COVID-19 pandemic, IT organizations faced a massive challenge – maintaining productivity via a remote workforce. Although work at home programs have existed for several decades, the government-mandated lockdowns resulting from COVID-19 were unprecedented. IT organizations scrambled to ensure their infrastructure could handle the stress of a remote workforce.
Questions quickly arose such as: What do we do about security? Does our network have the capacity? How do we prevent VPN bypass since most applications are SaaS-based? How can we ensure users have access only to those applications required for their jobs?
The primary focus of most organizations was accessibility to the corporate network so doing business could continue, whereas securing those connections was an afterthought. Unfortunately, we live in a digital world, and with that comes cybercrimes and advanced persistent threats (APTs). With a larger remote workforce came a greater potential for attacks. Consumers of the network become more vulnerable to malware, resulting in data hijacking events and ransomware.
Remote Worker Security Acronym Soup
In order to support remote workers securely, IT organizations have started implementing a Secure Access Services Edge (SASE). SASE is the convergence of the wide-area network (WAN) and networking security services such as Cloud Access Brokers (CASB), Firewall as a Service (FWaaS) and Zero Trust network access including multi-factor authentication (MFA) time-based, one-time passwords (TOTP) and identity access management (IAM). SASE is usually delivered through a vendor’s Point of Presence (PoP) or data center closest to the customer’s endpoints. There are several vendors such as AT&T, Cisco, Zscaler and Fortinet that offer a SASE as a Service.
What is Secure Access Service Edge (SASE)?
Benefits of SASE
Gartner predicts that 40% of all enterprises will develop strategies to adopt SASE by 2024.
There are several benefits of SASE. With data being moved to the cloud, conventional security measures only protect inside a customer’s network perimeter. SASE supports IT organizations’ journey to Digital Transformation and provides the ability to be nimble for new business opportunities. The tangible benefits of SASE are:
- Flexibility – Direct to net or direct to cloud access from anywhere.
- Cost Savings – The subscription model eliminates the need for CapEx and provides lower, predictable OpEx due to a Security as a Service model.
- Reduced Complexity and Increased Performance – Consolidation of services into a single Cloud Management Plane and acceleration to internet resources via a global network infrastructure optimized for low latency, high capacity and high availability.
- Zero-Trust Network Access – Provides multi-layered access controls to private apps in public/private clouds.
- Threat and Data Protection – Prevents attacks such as cloud phishing, malware and ransomware. Data is protected, inside and outside an organization, in public clouds and in cloud apps.
Key Considerations of SASE
There are many things to consider before adopting a SASE model. IT Organizations will need to understand their current cloud security capabilities and at what level they can cloud-scale. They must also understand the visibility of web and cloud traffic. Speed and availability will be a focus, as will a full inventory of policies and consoles to manage the existing security stack.
When done properly, a SASE model eliminates perimeter-based appliances and legacy solutions. Users will connect to SASE cloud services to safely access and use web services, applications and data with the consistent enforcement of security policy.
If you would like to learn more about how cStor can help you implement SASE, contact us today.