SASE: Securing the Digital-First Enterprise

In the last year, the very concept of the office environment—and how work, collaboration, and communication takes place—changed dramatically. Now that users work on devices and connect over networks that corporate IT does not control, security risks have grown massively. Users, data, devices, and workloads are distributed largely outside of the data center, and often not on the corporate network, demanding new approaches for security.

“The increase in remote users and Software-as-a-Service (SaaS) applications, as well as more data moving to the cloud, has driven a need for a new approach to network security,” says GigaOm Analyst David Linthicum.

Secure Access Service Edge (SASE) architecture is increasingly seen as a solution to the challenges presented by new remote work patterns. The architecture combines multiple features to reduce complexity and security-related risk, helping organizations prepare for the security challenges of the so-called “new normal” of work.

Figure 1. Core and Additional Capabilities of SASE Solutions

In Linthicum’s new report, Delivering on the Promise of SASE, he explores the emergence of SASE, offers advice on how to deploy it, and examines what lessons can be learned from those already on the journey to using SASE for better security across tools and processes.

SASE, he notes, is not a “one-size-fits-all” solution: each deployment is unique and needs to be considered in a way that addresses the needs and practices of the organization concerned.

“Identities of entities can be associated with people, groups of people (branch offices), devices, applications, services, IoT systems, or edge computing locations,” says Linthicum. “The number and types of solutions that you can deploy using SASE are customizable to meet your specific needs. If this was not the case, it would be less useful.”

Linthicum offers advice for IT leaders interested in SASE:

  • Focus on business need, making sure you understand what problems you’re solving and the impact to the business.
  • Don’t fall in love with the technology, it will be shifting quickly.
  • Focus on the larger strategy of security, then on how SASE may fit, and then on how to create useful and flexible entities.
  • Make sure you include future planning.

Enterprises that are examining SASE solutions should know that deployment is what Linthicum calls a “stepwise approach.” He advises starting with policy management and then selecting a vendor that understands your needs so it can join you on the journey to develop the right SASE deployment for your organization. The solution needs to match the needs of your key stakeholders and customers as you grow and develop.