Simplifying your journey to SASE

The appearance of Intelligent Objects, paired with the recent and high adoption of remote working habits, is demanding resilient and secure distributed networking that allows objects and human beings to access applications and data securely from anywhere. Secure Access Service Edge (SASE) is the most suitable answer.

The digital acceleration is evident, and companies of all sizes are facing the pressing need to adapt HR and IT solutions – both for their employees and end users to work remotely and for intelligent objects to be “dangerously” connected to core applications and databases. Suddenly, business-line owners become directly involved in IT projects. Increasingly, IT topics fall under the mandates of non-IT decision makers who find themselves grappling with complex challenges like balancing end-user experience with security requirements.

Today, the big challenge is that organizations must secure their data everywhere. And regulations are getting tighter.

At the end of last year, for example, the Italian Ministry of Labor and Social Policies issued the first National Protocol on Smart Working for the private sector. Among other items, it focuses on data protection and privacy, outlining the fact that employers should adopt all appropriate and organizational measures to ensure the personal data of the employee working remotely – and that the data processed by them and by connected objects is securely handled. At the same time, data is the new gold, and enterprises must find efficient ways to harness the value of data streams to create new growth areas.

Enter SASE, a response to the restrictions of traditional networking and security architectures. It comprises wide-area networking (WAN) and network security services, such as zero-trust network access (ZTNA), secure web gateway (SWG) and firewall as a service (FWaaS), all delivered from the cloud.

It is important to understand that the end user is the new perimeter to defend and protect on three levels: identity, data and access. This level of protection must be implemented with the sole purpose of enhancing the end-user experience in consuming applications that are increasingly delivered from the cloud (public, hybrid, private) and less and less from legacy data centers. The public Internet is rapidly becoming the next enterprise and corporate network.

Dealing with increasing complexity

The complexity of today’s business environment, including multiple clouds and on-premises locations and various cybersecurity tools, has created unwieldy and often expensive IT estates. According to Gartner, network security based on data center perimeter protection using a host of defense appliances is inappropriate to address the dynamics of digital business and distributed workforces. The legacy perimeter must transform into cloud-based, converged features supporting a policy-based secure access service edge to address this challenge.

SASE benefits include strengthened security, reduced complexity and costs, zero-trust enablement and enhanced resilience.

SASE can provide remote workers with fast, simple and secure access to their applications. Gartner believes that by 2025 60% of enterprises will have strategies and timelines for SASE adoption, including user, branch and edge access, up from just 10% in 2020.

SASE isn’t a quick fix

SASE, however, isn’t a single product nor can it be deployed overnight. Transitioning to SASE will take time as most enterprises already have investments in legacy hardware and software contracts that need to live out their lifecycles. For example, hardware refresh cycles at branch offices can average five to seven years.

In addition, not all the vendors claiming to offer a SASE product can deliver on all the capabilities expected of SASE, according to Gartner, nor are they at the same level of feature maturity.

It is important that enterprises do their homework and put in place a robust overarching SASE strategy, including short and long-term goals. The core of this should be breaking down barriers between networking and security teams to create a cross-disciplinary group to oversee the transformation process. The SASE strategy must then be regularly revisited as the market matures.

Meeting the challenges to adopting SASE head on

With the adoption of any new concept and technology, there are challenges along the way. As we have explained, SASE is essentially a combination of tools and methodology. As such, the landscape can quickly become very complex. It also requires IT teams to carefully check tools for compatibility and interoperability.

It is advisable to run a gap analysis to spot any hurdles before they become an issue, such as a lack of in-house skills. Some SASE capabilities, such as automated configuration and network monitoring, may need to be re-worked for the existing enterprise network.

The gap analysis helps to create a road map for adopting SASE and planning migration. It also allows enterprises to pinpoint areas of opportunity to reduce complexity and eradicate redundant vendors.

Incorporating zero trust in SASE

As mentioned, enterprises are increasingly adopting a zero-trust strategy to enhance their security posture. Zero trust is the perfect partner for SASE. Zero trust is a security framework that demands that all users, objects or humans, both inside and outside the organization, are continuously validated to access applications and data.

Zero trust is an integral part of SASE and can help enterprises centralize their security tools, close visibility gaps and streamline operations, leading to a stronger security posture. At the same time, they can attain zero-trust network access (ZTNA) by utilizing a single solution to apply security policies across the network.

When putting together a SASE strategy, enterprises should look at their zero-trust posture and how it fits in with both the plan and existing network architecture. At the same time, enterprises can examine how zero trust stops threats and mitigates risk during a breach. Identity and access management and micro-segmentation, for example, can be used to enhance zero trust further.

Building a SASE roadmap

With a trend towards hybrid working and the accelerated adoption of intelligent objects, coupled with an increase in cloud and software as a service (SaaS), it is no longer secure or efficient to route traffic through the corporate network and associated security controls. Coupled with zero trust, SASE ensures that employees and objects are effective and secure wherever they log in.

After considering the gap analysis, the next step to adopting SASE is to set out technology priorities for the next eighteen months. Utilize every refresh opportunity when it comes to security and branch office hardware to adopt SASE, advises Gartner. Why? Because this is an emerging market and, as such, is still fluid.

The road to SASE is not a short walk, but from a business perspective, it will enable employees and objects to securely access the right data, regardless of location or device. That, in itself, is a boost to productivity.

Find out more about the SASE model and how it can address your business challenges here.

Francesca Puggioni
Francesca Puggioni

Francesca Puggioni is the Managing Director of Orange Business for Southern Europe. With an extensive international business background, she is a champion of cultural diversity in the workplace to inspire creativity and drive innovation and favors a dynamic and innovative management model. She is a great supporter of socially responsible initiatives, especially where technology can have a positive impact on society as a tool for social, economic and environmental development.