Secure Access Service Edge (SASE)
First: Why Should We Care?
SASE, pronounced ‘sassy,’ is simultaneously a cybersecurity service and all-around concept within the information sector. Having emerged as a need alongside the growth of our increasingly cloud-based and mobile-device centric society,
Typically, SASE is a product services offering compiled by a third party that specializes in IT and cyber security. Professional expertise combined with access to various platforms and products through strategic partnerships would allow a given security company to assess their own ‘arsenal’ to develop a playbook of what they are able to provide as a service. All of these capabilities as a service combine to create a unique SASE that can be dynamic, adaptive to technological advancements, scalability, and predictive of risk.
Next: How Does It Work?
At its base, SASE utilizes SD-WAN capabilities to provide the highest quality network experience to business clientele regardless of where they are located through worldwide PoPs (Points of Presence) that help bypass the natural latency and queues of the IoT. On top of improved end-user experience, “packages” of security-as-a-service technologies available through the vendor providing the SASE platform are now available for use in the cyber toolbox - it allows for encrypted traffic to be inspected at the cloud scale. Here are a few examples of practical use cases that could fall under the SASE arsenal:
Control of data movement - application risk ratings, activity control of employees and what they may transfer/download, utilization of machine learning (ML) to detect anomalies in behavior of secure users
Education and training of users in real time - providing warnings, suggestions for safer movements/apps, and requesting a reason or justification for activity all help trigger an employee or user of the network before they make data movements. Additionally, SASE can rate apps and users themselves for a confidence index and use these ratings to flag for future behavior analysis, ML, and weighting of compliance law and how it does or does not align with a given GRC regulation
Conditional access enabling - one of the most common security concerns of businesses for their employees, and which can be more safely monitored on a contextual basis and examined (i.e. device, IP address, user, instance, app, etc) for indicative details and at granular data levels.
Countermeasures and protection for cloud cybercrime - cybercriminals have adapted quickly to the evolving technologies and have found a multitude of ways to make their activity source and credentials seem trustworthy and legitimate. SASE can allow for Advanced Threat Protection (ATP) with variety of defense mechanisms, multiple vantage points to the network utilizing security stacks like SOARs and SIEMs, putting sharper and continuous focus on frequently used threat actor strategies like phishing, malware, etc.
Lastly: Why Now?
The global pandemic due to the outbreak of COVID19 has changed the world drastically. The nature of how this virus spreads has led to the now ubiquitous concept of “social distancing,” and organizations worldwide have been forced to shift to meet the need for employees to WFH (work from home). Remote work requires the ability to connect to a network, database, or IoT to access company data and applications. For these reasons, it is now more important than ever for businesses to recognize the heightened cyber security that is needed to meet/match this gargantuan and exponential growth of cloud-based connectivity, platforms, and networking. Given the philosophy of the Secure Access Service Edge architecture incorporating as many perspectives, defense mechanisms, cutting-edge technologies, automation solutions, aaS offerings, predictive machine learning, etc - SASE can give a company the ‘edge’ it needs to stay ahead of threat actors looking to exploit all the information they are able to get their hands on.
ProtectedIT will continue to keep a keen eye on SASE offerings in the years to come, as this new, open-minded, and transformative concept could evolve to become a cyber security bedrock.
To learn more about protecting, preventing and remediation with ProtectedIT, contact us here.