Cybersecurity frameworks and models are incredibly important and provide a consistent set of guidance, principles, and standards that security leaders can follow, use to build their roadmaps, and base their goals and metrics on.
There are a number of different frameworks (published by various organizations and market leaders) and they’re largely driven by threats, technological advancements, organizational challenges, environments, and vendor ecosystems.
SASE (pronounced “sassy”) is a relatively new cybersecurity framework and model that looks to incorporate the modern needs of organization given the shift in environment and threats.
The introduction of SASE has been largely driven by the significant change in organization’s environments, the digital adoption of cloud-based infrastructure, which has resulted in the perimeter largely evaporating, surfacing a company’s endpoints.
This shift has increased the attack surface, making it easier for attackers to find their way in an organization, resulting in a complex security environment that has made it difficult to find the right vendors and balance productivity and resources.
In this article, we’ll discuss what SASE is, its benefits, and how organizations can work towards a SASE model to improve their security posture.
SASE stands for Secure Access Service Edge, and is a cloud-based security architecture that aims to combine SD-WAN (software defined wide area network) with security as part of a cloud-based deployment.
Essentially, it looks to make the edge as secure as possible without compromising on user or software access because of any security system or control. By prioritizing the cloud, it aims to make this framework scalable as it addresses the cloud-based nature of most organizations.
What does “the edge” mean in cybersecurity
The edge refers to edge cloud computing and the trend of devices (whether laptops, phones, or IoT devices) processing data on the device itself and interacting with an organization and the cloud.
The edge is what allows orgs to function as easily and as streamlined across devices and distributed networks. However, the tradeoff is that attackers can just as easily reach environments in a network because endpoints and devices are easily accessible.
Unlike other security models and frameworks that may tradeoff efficiency and speed in order to provide security or prevention, SASE seeks to keep efficiency and lower complexity even at the organizational level, while keeping connections and communications secure.
Main components of SASE
There are several components of SASE that make up the framework and they’re defined as technology organizations that can either build in-house or procure from vendors. These include:
Zero trust network access (ZTNA) - Zero trust is one of the key principles behind SASE and it essentially asks organizations to not trust any entity, whether internal or external, requiring you to authenticate them any time they interact with your environment. This takes out the guesswork of differentiating between trusted and non-trusted entities. ZTNA refers to a class of technology that carries this out in practice.
Secure Web Gateway (SWG) (fit for cloud) - a secure web gateway is designed to analyze traffic coming into your network, flag anything suspicious and remove it if possible. While this technology has been around for years, it’s traditionally been an on-prem technology. SASE asks organizations to adopt a cloud-based SWG that adapts to the new cloud-based environment organizations have shifted to.
Cloud access security broker (CASB) - a CASB acts as an intermediary between an organization’s cloud service consumers and cloud service providers and enforces specified security policies the organization has set. Note that if you’re in the market for a CASB, the service may be rolled up as part of an overall cloud security service.
Firewall-as-a-Service (FWaaS) - Firewall as a Service is one of the more self-explanatory services but it’s important to note that this refers to a cloud-based service. Rather than protecting an organization’s perimeter (which no longer exists in a traditional sense), a cloud-based firewall can scale with an organization and adapt to various network and environment configurations.
As you move towards a SASE model, note that various solutions, cloud-based providers, MSP, MDRs, and MSSPs can offer these technologies as a part of their services even if they don’t have the same name for it.
How organizations can benefit from SASE
Organizations who have adopted the SASE framework can expect the following benefits.
- Stronger controls - Because SASE prioritizes full visibility and cloud-based security, you’re applying security standards and controls across all devices, end users, and partners.
- Lower complexity - The zero trust model makes it easy to apply security controls to all users and systems because, by design, there’s no differentiation. All users and devices require authentication, making the system easier to implement.
- Easy to scale - SASE focuses on working with cloud environments and vendors in an effort to make scaling easier as you add devices, end users, and expand your cloud infrastructure.
- Improve efficiency and security - SASE doesn’t want to slow down an organization’s productivity or efficiency for the sake of security and much of its recommendations and choice of software reflects that.
Ultimately, SASE aims to take stock of all network activity across multiple clouds and servers, and apply a security framework that aims to reduce friction via a zero-trust model.
SASE is best suited for an organization with a wide and distributed network and cloud-based infrastructure. If that sounds like it applies to a lot of organizations, that’s because, by design, it does. SASE was developed as a reaction to the fact that many organizations were using traditional on-premise security frameworks and solutions to secure their environments.
This failed to account for the risks involved with cloud-based architecture — as organizations tried to make up for this change in security needs, they were left with an inefficient patchwork of solutions, systems, and processes, resulting in elevated costs and reduced productivity.
If this applies to your organization, it’s worth assessing whether building towards a SASE model is right for you. Remember that you can take elements from SASE like its focus on reducing complexity and starting with cloud-first security as priorities while not having to adopt all elements. For example, if you have a robust identity-based security management system that works well, you may not need to resort to a Zero Trust model.
Ultimately, think back to your organization’s needs and to the fundamentals of your role. You may need to adopt a new framework or adapt one to your current environment. Either way, you’re making an improvement.
To get a strong sense of how to approach your cyber risk management strategy, download our whitepaper here.