GET SASSY IN THE WAR FOR TALENT: WHY SASE SECURITY IS HERE TO STAY

There’s been a lot of hype about SASE (pronounced sassy) since the term was coined by Gartner in 2019. But little did they know this cloud security model would so rapidly become crucial in the ‘work from anywhere’ revolution. Let me explain.??

In March 2021, Gartner called SASE the #1 most-hyped term in networking, while in the?same breath?predicting it will soon set the new standard for security:?

“By 2025, at least 60% of enterprises will have explicit strategies and timelines for SASE adoption … up from 10% in 2020.”?

It’s getting a lot of attention, and it’s well worth getting up to speed on.?

So,?what exactly is SASE??

SASE, which stands for Secure Access Service Edge, is a relatively new security model that combines networking and security into one cloud-based service.?

Without getting too technical1, SASE builds on software-defined WAN (SD-WAN) to enable data packet inspection, identity-driven access and enforcement of security policies at the individual user level. Rather than routing all traffic back through an organisation’s in-house data centre and securing it centrally, SASE distributes security functionality from the cloud right to the device.??

What this means for IT managers is that they can monitor and secure employees' devices and activity, regardless of their location – even on applications outside the corporate network, where more and more workers spend their time these days.??

When fully implemented, SASE can deliver security-as-a-service from the cloud on a per user basis, while still providing centralised management and control. It can integrate functions such as firewall, malware protection, intrusion controls, secure web gateways, data loss prevention and zero-trust network access.?

Why is it so important all of a sudden??

When first introduced, the promises of SASE were speed, flexibility, cost-savings and productivity, because it streamlines security management across an increasingly diversified and hybrid infrastructure.??

While these remain powerful business benefits, it’s SASE’s ability to secure devices and applications outside of an organisation’s network that I think will now take centre stage.??

The traditional perimeter and site-centric approach to security has been to lock up your network and hardware like a fortress, and then strictly control who can enter – for example logging in remotely using a VPN.??

This works for a few dozen people working remotely SOME of the time, however it simply doesn’t scale to thousands of people working from home ALL of the time.?

Stretched by growing trends like cloud software, mobile devices, internet of things, digital commerce and globalisation, legacy security methods were already falling behind. Then, in 2020, the pandemic put a rocket under the working from home trend.?

Remote working is permanent, so is the security risk?

While initially an essential move to keep the economy open, the sudden shift to remote work is here to stay with most workers wanting to work from home at least some of the time.??

The ACSC Annual Cyber Threat Report 2020-21 highlights that "The pandemic has significantly increased Australian dependence on the internet – to work remotely, to access services and information, and to communicate and continue our daily lives. This dependence has increased the attack surface and generated more opportunities for malicious cyber actors to exploit vulnerable targets in Australia."

The?AFR reports?that Telstra and Deloitte both announced that their staff will be able to decide where and when they work. Australian tech giant Atlassian has told staff they only need to come in four times a year. These moves could spell the end of the traditional nine-to-five workday, and cement the non-negotiable expectation of flexible workplaces.?

This means that organisations wanting to attract the best talent are now faced with the challenge of providing seamless, flexible and secure remote working capabilities.?

SASE is now emerging as the most effective way to give people the freedom and speed they need to work from anywhere, without compromising security.?

How to migrate to SASE security??

As an emerging technology, SASE is not quite yet an off-the-shelf solution. Several vendors are now promising all-in-one SASE solutions, while multi-vendor solutions bring together network and security functions from a range of suppliers – with each having pros and cons depending on your current setup.?

Whatever your approach, look for a technology partner that can help you migrate to a per-user consumption model. This will position you to scale up and down to meet changing requirements for remote work, and onboard new staff efficiently and securely wherever they are.?

?Garth Sperring?is GM - Network at Nexon Asia Pacific. For more?information about Nexon’s?networking, security and SASE solutions,?contact Nexon today.?

?1?If you do want to get more technical, here’s?Gartner’s original definition:?“So essentially, SASE is a new package of technologies including SD-WAN, SWG, CASB, ZTNA and FWaaS as core abilities, with the ability to identity sensitive data or malware and the ability to decrypt content at line speed, with continuous monitoring of sessions for risk and trust levels.”?