by Forcepoint Senior Director of Strategic Business for APAC, Nick Savvides
The onset of the COVID-19 pandemic has catapulted Australian businesses towards digital transformation at a rate CIOs and CISOs around the country previously thought impossible.
The mass closure of physical workspaces not only created an immediate need for remote working solutions, but also major changes and compromises in business continuity plans and security practices. Very quickly the market was flooded with those racing to the cloud.
The move to cloud is not new and has been gaining significant momentum over the last 5 years. As offerings have continued to mature and diversify, more and more activities are being delivered from the cloud. It hasn’t just changed applications and systems that we use but has also changed the way we build and even think about building applications. Whether it’s storing data, team collaboration and task automation, supply chain optimisation, or controlling IoT devices, most things have been touched by the cloud.
However, cloud use suddenly needed to be significantly more integrated into day-to-day operations when the working-from-home army was unable to use their employers’ onsite connections.
This gave rise to three problems for IT teams across the country: How to extend their company’s networks and resources to all remote workers; how to optimise delivery of on-premises and cloud apps in use for remote access; and how to monitor and secure all their users and network traffic efficiently. Limited on both resources and time, IT personnel quickly instituted a multitude of solutions, and often bypassed established security controls to make sure data flow and productivity wasn’t hindered. It was an important moment for many IT and cyber-security teams to learn that the business always wins – when presented with an existential threat, no matter the objections, the business will demand agility and flexibility on things that would normally be non-negotiables.
Now, a few months in, most of us are in a good place vis-a-vis remote working. However, the ad hoc solutions that got us here aren’t necessarily suited for the long-term, and few companies have implemented a permanent solution that would mitigate disruption from future calamities.
A solution to our current predicament presents itself in the form of a 2019 proposal by Gartner, known as ‘SASE’ (pronounced ‘sassy’).
What is SASE?
The Secure Access Service Edge (SASE) framework is an emerging security and networking architecture model which promises to converge network, web, data, and cloud app connectivity and security to be delivered via the cloud at the edge of the cloud. The new architecture is the result of an inversion of traditional network and security stack design patterns caused by a number of shifts in business requirements:
- People now work remotely, from more places than ever before – more business now happens outside the boundaries of the traditional enterprise than inside. More traditional jobs are expected to be performed remotely, such as software development, IT administration, cloud operations and support using cloud-based applications and services.
- Business data, and applications using that data, are rapidly moving to the cloud – old approaches such as backhauling through a central enterprise data centre with legacy appliance-based security architecture are no longer feasible.
- To maintain performance, many organisations with multiple sites and remote users are connecting directly to the internet and cloud apps using technologies like SD-WAN, bypassing centralised premises-based security gateways. This evolution in network and cloud access requires a new approach to information security that can work everywhere users need to access and interact with data.
- The focal point of networking and security has shifted from the data centre to the cloud – networking teams can now improve performance, consolidate the number of devices deployed, and regain visibility and control of data at the user level.
Why SASE and why now?
The race to set up cloud infrastructure during the disruption caused by COVID-19 has changed the way business is conducted. The ability to access files and data off-premises has become a major asset in the effort to maintain business functions. However, in the push to move processes online, loopholes and gaps have been created which can be exploited by malicious actors who aim to use this time of “pandemic panic” to their advantage. The gaps also exist because organisations opted to extend traditional networking and security stacks for use in the cloud even when those tools don’t translate well into cloud architecture – thereby reducing the visibility, manageability, and efficacy of those solutions.
SASE, on the other hand, represents a modernised approach that extends the cloud model to security. The model has been designed and optimised to help security and risk management leaders address the challenges posed by digital transformation. It also offers security and IT leaders a way to reduce complexity in their environments while ensuring security and connectivity for organisations. It’s more efficient to create a straight path to the applications for users – a “direct-to-app” approach – which will achieve better performance and user experience.
SASE’s true cloud-native approach paves the way for simplified network and security administration through a centralized management hub – providing improved visibility and protection of users and data wherever they’re located. This approach improves performance as users and branches connect directly to the cloud through a single converged security layer.
Finally, SASE, due to its converged nature, allows IT teams to create, monitor, and implement an agile security architecture that becomes a foundational part of digital transformation which can swiftly adapt to the needs of any business – regardless of size or complexity.
It’s become increasingly clear over the past few months that traditional security product boundaries won’t deliver what’s required in a cloud-native world where people and data need to connect anywhere, any time. SASE is at the forefront of an age-defining leap in cyber security which is bound to change how we view, protect, and interact with data.
