It is stating the obvious—but 2020 was a crazy and unprecedented year in many ways. The Covid-19 pandemic shut the world down and forced businesses to adapt quickly. The near instantaneous shift to a completely remote work-from-home business model enabled many businesses to continue operations, but it also required organizations to rethink how employees connect to and interact with applications and data, and the security implications of doing so from computers connected to consumer wireless routers communicating across the public internet.
Digital transformation was gaining momentum even before the pandemic hit, but most organizations were either in the very early stages or were still planning to begin digital transformation efforts at some point in the future. Overnight, those businesses were forced to accelerate digital transformation. Suddenly, the cloud and SaaS (software-as-a-service) applications became crucial for productivity.
While the cloud and SaaS applications enable productivity, there are a variety of security concerns that come with using them, combined with the security implications of essentially obliterating the network and relying on the public internet as the backbone of the company infrastructure. The legacy security solutions, and network configuration and monitoring tools simply don’t have the scalability and automation necessary.
Securing Digital Transformation
That is where newer concepts like SASE—Secure Access Service Edge—and zero trust and come into play. SASE plays an essential role in enabling organizations to adapt to more modern network architecture and enable digital transformation securely. Zero trust extends the concept of least privileged access and embraces a model of never trust, always verify to continuously validate that the people, applications, and services accessing your applications and data are authorized to do so.
According to research from ESG, the percentage of employees working remotely more than tripled from 19% to 61% as a result of the pandemic. The same study also found that cloud usage has become virtually ubiquitous, with 94% of organizations stating that they use public cloud services like SaaS and IaaS (infrastructure-as-a-service).
MORE FOR YOU
The Dell’Oro Group projects that the SASE market will grow to more than $5 billion annually by 2024—a result of its established momentum, accelerated by the shift to remote work during the pandemic.
SaaS Security Concerns
As organizations migrate to the cloud and embrace SaaS platforms and applications, cyber attackers adapt the threat landscape to match. Analysis by Menlo Security reveals a consistent increase in attacks that leverage a legitimate SaaS platform since 2019. According to Menlo Security, nearly 6 out 10 (59%) of attacks leveraged a legitimate SaaS service to launch the attack.
Another element of SaaS and SASE is understanding that the network perimeter is dead. Even before the pandemic, the rise of laptops and mobile devices, and the ability to connect to cloud services from a hotel or coffee shop meant that the traditional model of “inside” or “outside” of the network was essentially dead. Covid-19 put the final nail in that coffin. Now, every individual user is his or her own network perimeter. Every computer or mobile device represents the “edge” of the network.
That provides significant benefits in terms of productivity, and the freedom and flexibility to work from anywhere at any time, but also comes with security implications. A survey of IT decision makers by Menlo Security found that 86% of respondents agree that attacks on mobile devices are becoming more frequent and sophisticated, and that the number of different ways mobile devices are being attacked is increasing. More than three fourths (76%) believe that end users are more open to attacks on mobile devices than they were a year ago.
“The perimeter of the past no longer exists and remote work is now the mainstream, making it imperative that organizations take a hard look at their existing security solutions and stop accepting the ‘almost secure’,” said Menlo Security’s CEO, Amir Ben-Efraim. “We’re thrilled to expand on our existing relationship with VMware and provide customers with truly unmatched cloud security so we can move towards a future of 100% security.”
Benefits of SASE
SASE improves security for digital transformation and the growing onslaught of threats targeting cloud services and SaaS applications by consolidating the benefits of multiple network security layers into the architecture of the cloud itself.
There are a variety of benefits for organizations to consider with SASE:
- Provides a malware-free internet experience
- User experience and simplicity of management is a key outcome
- Provides control and visibility for sanctioned and unsanctioned applications
- Provides a zero trust way of accessing private applications without the clunkiness of VPN infrastructure
- Lowers total cost of ownership and maximizes ROI (return on investment)
Delivering these capabilities from a cloud-native, cloud-delivered platform provides the performance and scalability necessary to defend cloud services and SaaS platforms. It also provides centralized policy management and configuration, as well as consistent enforcement at the edge—whoever and wherever that may be.
Future of Security
The digital transformation trend in general, and the dramatic shift to remote work resulting from the Covid-19 pandemic are driving massive shifts in the attack surface and threat landscape. The resulting change in network architecture and infrastructure yields a variety of benefits, but also introduces a number of unique security concerns. Security solutions like SASE represent the future of security and enable organizations to adopt digital transformation without sacrificing protection.