Digital transformation is ubiquitous across nearly every sector, which has resulted in a new way of connectivity. Cloud migration, resources moving from the offices to the cloud, and mobility, employees working outside the office, are both large factors in this transformation and have dissolved the perimeter we once knew. In turn, security needs to keep pace.
Mid-size businesses have made themselves agile in protecting data, resources, and users by adopting secure access service edge (SASE) solutions. Gartner first coined the term back in 2019, and adoption was accelerated by pandemic-related closures since remote access security is covered by SASE. Unlike many other shifts caused by the pandemic, SASE is not a temporary measure.
According to Gallup, 59% of employees prefer to work in a hybrid environment, nearly double the 32% that had the same preference in 2019. The CIO 2022 SASE Market Trends Study reports 94% of IT directors and enterprise leaders said the need to make remote work sustainable for the long term has accelerated their interest and investment in SASE.
Hybrid work is here to stay, and many businesses are adjusting, now running their corporate networks over the internet to cover both on-premise and remote users. SASE tools — like Secure Web Gateways (SWGs) and Zero Trust Network Access (ZTNA) solutions — are a means of protecting those networks.
SASE adoption is still on the rise. According to a report by Dell’Oro Group, SASE saw 30% growth in Q2, and SASE spending is on pace to top $6 billion this year. Modern businesses are adapting faster, while legacy enterprises are still planning the migration.
The road has been paved for them to join the SASE movement. This has been the pattern with other tech trends, like when Slack went from an underground communications tool to a mainstream necessity for all.
What’s the best path for large enterprises’ road to SASE? Let’s look at three steps every business should take along the way.
Understand your end goal
It’s hard to roll out any plan without a blueprint, including implementing SASE solutions. The objective is to have a unified network and security experience inside and outside the office. That doesn’t mean you need to rip and replace all your existing infrastructure, though.
Any SASE vendor should be able to work with the resources you already have as a starting point. You may have even already implemented some of the individual components of SASE, like a ZTNA tool for remote access, a Secure Web Gateway, or Cloud Access Security Broker (CASB) to protect employees accessing the internet and SaaS applications.
Getting all the components in place will properly secure the hybrid environment, which we know is the way of the future. Delaying implementation of these components has a rippling effect. It leaves your business under-protected, which will only cost you down the road.
Integrate and migrate
Many businesses were forced into addressing remote access at the beginning of the pandemic, which is a well-documented access point for SASE. The other common challenge that leads businesses to adopt SASE is internet security. SWGs can help you secure employees’ internet access even outside of the office.
Some enterprises claim to be satisfied with what they currently have (because they’ve already invested time and money in these tools), but legacy solutions can’t solve today’s challenges. SASE gives you the opportunity to integrate and migrate new assets to the cloud so you can start small and scale your usage. It doesn’t require many resources to get up and running.
All of the SASE components can be delivered via cloud-based software, so there is no overhead cost involved for installing and maintaining hardware solutions in an office that may be empty. This modern approach to security complements the changing business landscape, where employees are moving outside the office and resources are migrating to the cloud.
Start small
A common pain point for businesses that adopt SASE is how to get started. Don’t try to boil the ocean. Begin implementing SASE for a specific group, like third parties, your developers, or your quality assurance team, then continue with other departments.
Another approach is to implement based on the use case. Maybe you're setting up a new public cloud environment and want to ensure you have the proper protection or just tackle a set of devices that will be doled out to employees. Implementing SASE step by step will keep you from having to boil the ocean. Once you get it right for a specific department or use case, you can easily expand implementation to other areas.
Taking this approach eases what can be an arduous process. Vendors that require installation of hardware on Day 0 only create complexity and add confusion. This is antithetical to the allure of SASE — simplified protection, so there is only one network and security experience.
As SASE adoption continues, particularly in the realm of large enterprises, it will require a new mindset. The headaches of legacy hardware needing add-ons and extra configurability to solve modern problems no longer apply. A scalable, cost-efficient, and cloud-based service is the way of the future to provide simple yet comprehensive security no matter how large your business is or where you connect from.
Amit Bareket is CEO and Co-Founder at Perimeter 81.
Related articles:
Senior stakeholders who want to hold on to their CISOs must ensure that they have sufficient incentives and, more importantly, support to cope with the burden of risk that they are carrying.
The most alarming takeaway from Cisco’s new Cybersecurity Readiness Index report is that even after decades of having the importance of cybersecurity driven home, cyber threats are still taken too lightly.
In today’s data-driven world, higher educational institution networks and their management must be modernized to address the needs of everyone across campus. Enterprises face similar challenges and also need to modernize their networks.
