GUEST ESSAY: Here’s how Secure Access Service Edge — ‘SASE’ — can help, post Covid-19

One legacy of the ongoing global pandemic is that companies now realize that a secured and well-supported remote workforce is possible. Recently, the University of Illinois and the Harvard Business School conducted a study, and 16% of companies reported switching their employees to work at home from offices at least twice a week.

Related: SASE translates into secure connectivity

The problem here is that a secured, cost-effective, and efficient networkmust be developed to support remote operations at scale.  Gartner refers to this as the Secure Access Service Edge (SASE), which is a framework combining the functionality of Wide Area Network (WAN) with network security services to shield against any cyber threats or cloud-enabled SaaS.

The makeup of SASE 

Many enterprises have accelerated their use of Virtual Private Network (VPN) solutions to support remote workers during this pandemic.

However deploying VPNs on a wide-scale basis introduces performance and scalability issues. SASE can function as security infrastructure and as the core IT network of large enterprises. It incorporates zero-trust technologies and software-defined wide area networking (SD-WAN). SASE then provides secure connectivity between the cloud and users, much as with a VPN. But it much further. It can also deploy web filtering, threat prevention, DNS security, sandboxing, data loss prevention, next-generation firewall policies, information security and credential theft prevention. 

Thus SASE combines advanced threat protection and secure access with enterprise-class data loss prevention. Given the climbing rate of remote workers, SASE has shifted from being a developing solution to being very timely, sophisticated response to leading-edge cyber attacks. Here are a few  guidelines to follow when looking for vendors pitching SASE services:.

•Vendors must own a network, or contract with a reliable and substantial telecom network. It must be rock-solid since SASE services are network-delivered.

•Vendors must be an SD-WAN player. This makes an easier approach for traffic administration and has a better user experience than the traditional one.

•Vendors must have security chops, security professionals, security strategies, and managed security that include expertise in firewalls, intrusion detection, securing web gateways, content filtering, and machine learning.

•Vendors must have a zero-trust concept that seeks verification all the time.

The cyber threats landscape

SASE is a sophisticated response to a complex, dynamic threat. Cybercriminals nowadays leverage cloud services , machine learning and data analytics. They’re intensively using advanced techniques in these areas:

•Malware self-propagation. Clicking on a link releases crypto worms and ransomware that are network-based. This type of malware can easily do network-speed propagation and cripple a company’s IT operations.

•Ransomware. Malicious extortion campaigns continue to wreak havoc at both big and small companies. Cisco’s security report revealed hackers making bucks while destroying data and systems. The Nyetya attack posed as tax software; it demanded a ransom, threatening to unleash wiper malware designed to destroy supply chain systems.

•Stealth. Advanced evasion tactics are being widely leveraged to skirt sandboxes and avoid detection. Threat actors make use of cloud services for control and command that makes malware difficult to be accessed using traditional security tools.

 •The IoT vector. Unmonitored IoT devices are inherently insecure. They get deployed with little IT staff oversight; security patches rarely get done, leaving endless backdoors open to threat actors.

Vital best practices


SASE can support the no-brainer security strategies all organizations need to apply, including:

•Segmentation implementation. Taking this approach helps to ensure that the damage from any breaches, when they occur, gets confined and small area.

•Leverage machine learning-based tools. Machine learning-based tools can help in quickly connecting dots; they can be used to sift through even large data amounts and search for any anomalies, at scale.

•Automate security of IoT devices and onboarding. Deploy NIST best practices to IT, operational technology, and security operations to ensure lesser to none impact on critical systems

•Extend security with cloud. Lastly, security must be extended using the cloud. This includes using well-known cloud service providers and conducting regular security audits.

The global pandemic is still with us, and remote work continues on the rise. Post Covid-19, remote work is likely to stay at a high level. Companies must think and apply the latest methods, including SASE, to combat any security threats.

SASE has been acknowledged as one of the latest solutions that can be done even on mobile devices to continuously prevent any inherent threat from entering the virtual work environment.

About the essayist: Postan is the former SEO and Content Director of Outbrain, and previously worked in the gaming, B2C and B2B industries for more than a decade.

*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: