In my early days in the industry, the only way I could access work resources was to be sitting at my desk, on my work supplied desktop using my internally delivered corporate services. When I left my desk I wasn’t notified on my phone of an incoming email or Teams meeting- I had to walk back to my machine to get access to such things.
The world was simpler then. Work resources were at work, often delivered from within that same office and accessed within that very same location. So wrap a firewall around it all, lock down the desktop (some people took that to hilarious degrees!) and ensure good hygiene with Anti-virus (AV) and systems updates.
Edge protected, job well done.
Contrast that to today. The expectation that has been set by consumer-level services (like facebook, gmail etc) is that it doesn’t matter where I am, I will have the same level of experience. Ultimately, it was the consumerisation of IT that drove people to ask why they could access dropbox from home (or on their iPad) but were restricted to a server fileshare only accessible by VPN or at best, on their work supplied laptop.
Enter cloud, exit on-premises apps. Enter BYOD, exit corporate supplied and managed devices.
The concept of a perimeter network made no sense when there no longer is a perimeter. With data increasingly residing outside of the traditional confines of your offices the “edge” has become increasingly porous and largely irrelevant.
So, how do I deliver a consistent level of protection (and experience) to everyone, everywhere? AND not throw the baby out with the bath water – we had, after all, developed some really powerful security technologies during the intervening years…
Que SASE or Secure Access Service Edge. SASE is really just a collection of security technologies and ideas (both old and new) built upon a central assumption – users will be disparate, services will be cloud delivered and identity is king.
Furthermore, SASE pushes you to answer additional questions such as:
- How do I detect and respond to an attacker moving laterally within my environment?
- How can I maintain control in an increasingly uncontrollable environment?
- How can I protect my core information assets?
SASE is ultimately the recognition that the times have changed, that attackers and attack vectors have become more sophisticated, driven by an insatiable appetite for cloud services, and our approach to security needs to recognise that.