This time last year, two trends in cybersecurity were beginning to get real traction: Gartner’s Secure Access Service Edge (SASE) and Forrester’s Zero Trust (ZT). But that was just the beginning. Little did we know that the world would turn upside in March, driving most of us to flee our offices and work remotely from home. IT organizations performed heroic acts to get people working.
Now, some of what was done for expediency is being re-examined in order to prepare for future in which people work anywhere, in going from home to office and maybe eventually, even traveling once again.
Practical Advice for Implementing SASE and Zero Trust
Security systems that had depended upon people being inside particular networks (physically or over VPNs) often couldn’t handle the load or required expensive network upgrades. Replacing such infrastructure with cloud-based security-as-a-service had been part many organizations’ longer-term digital transformation strategies. Suddenly, it became an immediate, tactical need.
Perfect timing for SASE and Zero Trust
SASE has been gaining momentum among vendors and customers as an architecture for bringing security that used to be delivered via siloed point products together into a converged, cloud-delivered platform. It makes it much easier to protect people who are working “outside the walls” of the enterprise as they access information on the web, in cloud apps, and in internal private apps.
At the same time, with people no longer “inside” the enterprise, old assumptions about implicitly trusting employees to have free access to roam around inside the network once they’re connected no longer seems like a good idea. Who knows which remote users might have visited personal sites or streamed content they wouldn’t have from the office, potentially compromising their laptops or other devices? But, reducing this sort of risk is exactly what Zero Trust is all about. Put SASE and Zero Trust together and you get the best of both worlds: a cloud-based architecture for more efficiently and more securely protecting people and data no matter where they are.
Security professionals are no longer simply asking “Which do I do: SASE or Zero Trust?” They’re now asking “How do I do them together.” The answer is to use SASE as a platform for applying Zero Trust principles. In other words, Zero Trust-as-a-service (ZTaaS).