Secure Access Service Edge (SASE) for Hybrid Work Environments

In 2020, the way people worked changed, likely for good. Instead of being in the office most of the time, employees worked at home. Although some workers have come back to the office, hybrid work is here to stay. Secure Access Service Edge (SASE), pronounced “sassy”) is ideal for hybrid work, with its cloud-native architecture, centralized access policies and support of access based on device identity. Read on to learn more about this architecture and what it can bring to hybrid offices.

 

Benefits of SASE for Hybrid Work

 

The cloud-native architecture of Secure Address Service Edge can combine the flexibility and scalability of cloud with the connectivity of Software-Defined Wide Area Networks (SD-WAN). Add to this centralized access policies based on user device identity. Data does not need to travel from one source to the data center, and back again–lessening the chances of it being lost or intercepted in transit. Access is verified at specific endpoints when a user logs in, and data can travel along SD-WAN pathways to these endpoints, once verification occurs. SASE can address the needs of hybrid offices for security and connectivity. 

 

Key components of SASE include:

 

  • Secure Web Gateway: a cloud-based proxy that enforces standards for communication applications like Microsoft Teams, which are frequently used by hybrid offices. 

 

  • Firewall as a Service (FWaaS): Cloud-based firewall that provides a standard security experience and eliminates the need for an on-premises firewall.

 

  • Cloud-Access Security Broker: Extends rules and policies to software and infrastructure not owned by your company.

 

  • Zero-Trust Network Access (ZTNA): Anytime a user or device (such as a remote worker’s laptop) requests access to the network, it is evaluated to ensure that it has a right to access the network, and access is granted–or denied, if suspicious. 

 

Considerations for Adopting Secure Access Service Edge

 

While SASE is an effective architecture combining SD-WAN’s connectivity with various security controls, it is not a substitute for cybersecurity policies. Hybrid offices, with some endpoints beyond the office’s perimeter, are still subject to social engineering attacks like phishing. Employees still need to know how to spot and report a phishing email and prevent malware from entering the network. Companies still need to assess the offerings of SASE and how it aligns with business goals (including hybrid work). Other technologies, like endpoint detection and response (EDR) and/or Managed Detection and Response (MDR) may need to be deployed alongside SASE. 

 

Secure Access Service Edge (SASE) can help give your hybrid work environment the connectivity it needs, as well as support security policies. For more information on using the SASE architecture in your company, contact your trusted technology advisor today.