What is SASE and how should you use it?

The requirements for cyber security have changed in the past few years as more people can now work from anywhere—whether the office, at home, or another remote location. Since remote-access technologies are exposed to more security risks, many companies are considering how to ensure a secure work environment for employees working in different locations.

Secure Access Service Edge (SASE) is a service concept developed by Gartner in 2019 for organizing secure hybrid work. It ensures secure remote working by restricting access based on user, device, and application identity. The SASE solution identifies the user's rights, the context of use, and the company's security and compliance guidelines—and immediately alerts if a security breach takes place. 

In the SASE architecture, the assessment of risk and trust is continuous: the technology allows identified users to access the information they need for their work, while preventing its misuse.

By 2025, at least 60% of companies will have an SASE strategy with a development roadmap, according to Gartner. Evidently, SASE is not just a passing fad, but a new way to respond to future cyber threats.

SASE in a nutshell

• SASE is an information security solution for companies using cloud services—it best serves larger organizations with hundreds to thousands of users.
• With the help of SASE, separate solutions such as SD-WAN, CASB, FWaaS, VPN, and Zero Trust are combined into one cloud-based service model.
• Through strong authentication, you can access your work environment in the same way— regardless of where you work—without a VPN connection.
• SSO makes SASE easy to use: Access to the SaaS environment and cloud services, such as Teams applications and Salesforce, is possible with a single login.
• SASE tools are able to identify sensitive data and malware, encrypt content, and monitor session risks and trust levels in real time.
• SASE radically improves visibility and control over your IT environments, and information security deviations are immediately reported to SASE administrators.
• The benefits of the SASE solution include cost savings when moving from separate solutions to a single platform through which the entire company's information security is managed.

Monitoring the work environment’s information security also benefits employees

In a remote work environment, users often take a more relaxed approach to information security. They might click more lightly on links that can contain malware, or download risky applications. When companies don't have visibility to remote work environments and IT infrastructure, the damage often happens before anyone can interfere to prevent it.

Visibility into user activity is in the interest of both the company and the employees. The SASE solution offers a wide range of controls to identify users and security breaches, including location, time of day, and unusual behavior.

The SASE solution can be used to limit the downloading of files, applications from the internet, and to prevent harmful online content and sensitive data from ending up in the wrong hands. 

When downloads are centrally monitored, employees don’t have to think about whether an application they use is secure. They also don’t have to stress about whether they’ll send sensitive data in the attachments of their personal email because SASE recognizes the content as confidential and blocks the transmission.

What to take into account when implementing SASE

There are around a dozen different SASE solution providers to choose from. When evaluating different vendors, consider management interfaces and point of presence, meaning where in the world they have their own infrastructure such as servers and networks. 

The level, quantity, and quality of support also varies between SASE service providers. Some vendors have more of their own data security technology than others, which can be connected and used with SASE.

From the user's point of view, the implementation process of SASE can simply mean the appearance of a new agent on the desktop or the change of the cloud login experience to a single login.

From the IT organization’s point of view, the scope of the implementation project depends on how widely the features of the SASE solution are taken into use. The key factors are the authentication of users when they log into services and strong authentication mechanisms, which might also be implemented at the same time.

Many companies start implementing SASE piece by piece. This is what gradually introducing SASE can look like:

1. Connecting users to the service and enabling one-time login to various cloud applications.
2. Connecting the company's own applications or servers to the service using zero trust network access (ZTNA) technology. 
3. Implementing network traffic filtering for end users. 
4. Building data loss prevention (DLP) policies so that the company doesn’t lose its business-critical data.

When implementing SASE architecture and tools, it’s also worth making sure there’s a good flow of information towards the users. For example, if you implement network traffic filtering, the IT support organization should be ready to quickly answer any filtering-related questions.

Although SASE is generally referred to as a cloud-native service, some of the solutions on offer enable the continued use of on-premises services with the help of ZTNA without separate VPN software. However, for many companies, the introduction of SASE naturally coincides with changes in the IT infrastructure, in which case it’s worth giving up several old systems and ways of working. 

You can start implementing SASE either with a partner or by yourself. Either way, keep in mind that SASE is not a single solution that solves all the information security concerns and challenges. As each company has their own unique IT architecture, the SASE solution must be built to fit the needs of each company. 

Modern information security is fine-tuned, where all the settings have to be adjusted. You’ll want to consider if there’s enough time and skills for developing and improving the information security on a continuous basis in-house, or if it would be better to hand it over and work with a professional partner.