Skip to content

Why the SASE Security Model Makes Sense in Today’s Environment

Security is certainly front of mind for anyone involved with IT today. That’s why many companies have adopted stronger and stronger measures to prevent successful cyberattacks. That typically means having end users—those working both remotely and in the office — access all their data via a backhaul connection through a virtual private network (VPN). This approach lets users take advantage of the organization’s firewall, filters, and other security measures. But while users may be able to access the resources, they need this way—whether that’s SaaS applications or files—there are probably still plenty of gaps that exist in your security fabric.

Even companies that have put much more extensive measures in place to avoid the consequences of cybercrime aren’t safe anymore. Take it from the FBI. The bureau’s Internet Crime Complaint Center (IC3) recently released its Internet Crime Report 2020, noting that the Center received a record number of complaints in 2020—791,790. Even worse, the report cited that cybersecurity losses exceeded $4.1 billion. With more people working remotely, users accessing networks with their own devices, and ransomware trying to sneak in from everywhere—rising to 27 percent of all malware incidents in 2020—what’s needed is a new approach to security. SASE is the solution.


Quest CTA CybersecurityDiscoverySession


What is the SASE security model?

Secure access service edge, or SASE, is the convergence of wide area networking (WAN) and network security services. Those services can include cloud access security broker (CASB), firewall as a service (FWaaS), secure web gateway (SWG), zero trust network access (ZTNA), and many others. SASE gives you granular, intelligent protections, taking into account a variety of factors. These can include user identity, user location, sensitive data patterns, and resources accessed, among others.

Essentially, SASE moves security from the data center to the cloud, eliminating the need for a VPN backhaul. With SASE, each of your users is always protected, wherever they may be. And, because SASE is cloud-based, you can be certain that the applications and resources your users need are always available. That should help take care of your concerns about capacity and availability. SASE’s security policy benefits extend to both offline and online users. And, because each user connects directly into a SASE security cloud—instead of hopping across multiple networks and the internet for access—performance is not compromised. Users are simply protected by preset SASE security policies wherever they go.

SASE: Many choices for a simple solution

There are plenty of SASE solutions on the market today. Each is likely a bit different from the others in terms of policy deployment and connection methods. But most SASE solutions offer a security cloud that users connect to with an agentless or client device. Users then access the environment where the applications and resources they need are available via the role-based security policies that you have put in place. Limiting access to that environment to users that arrive via SASE adds next-level data protection security.

SASE simplifies security, too, by letting you configure your policies to be as restrictive or flexible as you need. Those policies can be applied as network access controls (NAC), application version and patch update requirements, multi-factor authentication, and more—all without having to go back through firewalls. And, because SASE is based on user attributes, on-site and remote workers all have the same high level of protection.

Scalable security, better performance

Today, users are often connecting to your network with their own devices. That became especially true when the COVID-19 pandemic forced everyone who could do so to quickly shift to remote work. Now, with machines connecting to your network that haven’t been updated or patched, all kinds of new vulnerabilities have popped up. Imagine how much stronger your security would be if you knew every machine that connects to your network was up-to-date.

When it comes to applications and resources, users hate to wait. And every minute wasted while they wait costs your business money. SASE eliminates the performance issues that are typically associated with VPN connections where hundreds or thousands of employees are fighting for bandwidth. With SASE, once a user is verified and authorized, all the services they need are directly available.

You might think of SASE as a secure “tunnel” to the cloud that lets your users access everything they need within your organization. So you can forget about having to backhaul data to keep it safe, reducing network bottlenecks.

Choosing the right SASE solution

While SASE is simple once it’s in place, understanding your options and choosing the right solution isn’t easy. The best approach is to do a full cybersecurity review of your situation to help you set your security goals, analyze how you work today, how that might change in the future, and help you identify the solution and policies that deliver the capabilities you need.

SASE is the perfect complement to the new hybrid remote work environment, making it possible for you to implement enhanced security efficiently and effectively. That will help you avoid worrying about where your users are, what devices they are using, and whether or not their machines are up to date. Take the next step and find a managed network and security services partner that can show you how SASE can contribute to next-level security for your organization.

I hope this post has shed some light on SASE and has been a valuable use of your time.

Thank you for trusting us to help with your cybersecurity needs. Contact us any time—we’re always happy to help.


Meet the Author
Jon Bolden is Quest's Certified Information Systems Security Officer
Contact Quest Today  ˄
close slider