“Zero Trust” and “SASE” (Secure Access Secure Edge) aren’t new terms, but their use in the security vernacular has been accelerated recently due to a major IT change agent: COVID-19. The rapid pace of digital transformation was already well underway before 2020. But the disruption of the pandemic was the compelling event needed to speed along late adopters of change and create a sense of urgency to improve security.
The concept of Zero Trust is a critical component of getting started with a SASE approach. “Never trust, always verify” as well as “assuming breach” mean that we need to be aware of the access and privileges of users, as well as the current threat landscape. (“Is this user who is accessing my cloud application compromised?” or “Has this user’s account been taken over?”)
Analyst firms are quick to point out, correctly, that neither Zero Trust or SASE are products, but approaches and architectures that can help you better identify use cases to solve security challenges. (Dare I say, taking a people-centric approach to the problem?) Forrester analyst Steve Turner comes right out and says that “Zero Trust Is Not a Security Solution; It’s a Strategy.” And Gartner analyst Andrew Lerner refers to SASE as a “pragmatic and compelling model that can be partially or fully implemented today.” Gartner also lays out both short-term and long-term recommendations in their 2021 Strategic Roadmap for SASE Convergence.
SSE: Following users and adapting to specific use cases
Another security term that you’ll be hearing a lot about soon, if you aren’t already, is Security Service Edge (SSE). Gartner states that SSE “secures access to the web, cloud services, and private applications. Capabilities include access control, threat protection, data security, security monitoring, and acceptable use control enforced by network-based and API-based integration. SSE is primarily delivered as a cloud-based service and may include on-premises or agent-based components.”
The central theme for SSE is that a set of security services should follow the user and quickly adapt to their specific use case requirements. For instance, is your organization solving for the challenges of securing your remote workers? Are you concerned with securing your people and the cloud applications they use? If so, you might need a different approach and set of supporting technologies to segregate users’ personal apps from corporate apps, and the inevitable mixing of data between personal and work environments.
Bringing it all together
Many organizations are now looking for ways to help translate the approaches and concepts of Zero Trust, SASE and SSE into their own security architectures. As an example, one recent customer who was already using threat protection capabilities in the Proofpoint Cloud App Security Broker (CASB) and Proofpoint Email Security solutions further converged and optimized around our technology by adding Proofpoint Browser Isolation, Proofpoint Web Security and Proofpoint Zero Trust Network Access (ZTNA). This vendor optimization approach has led to several positive outcomes for our customer, including the ability to:
Establish uniform policies: Managing multiple policies for application governance, data security and threat protection across multiple products had become unwieldly and untenable for our customer. The lack of policy uniformity had plagued legacy products, including those for data loss prevention (DLP), for years. Prior to converging and optimizing around our technology, the customer lacked uniform rules and event scenarios at different points in the environment (cloud, web, endpoint, email).
- Optimize the user experience: By using a ZTNA approach with strong identity and access management (IAM) integrations (to tie into an existing IAM platform), the customer was able to sync up security controls quickly and confidently with business rules to ensure proper access to apps and data. This has led to a reduction in help desk calls from users trying to access apps and data to accomplish their day-to-day work.
- Reduce costs: Consolidating capabilities at the SSE instead of managing multiple point products reduces complexity and improves workplace outcomes. For one, time management is optimized through reduced training and switching from the sequential to concurrent running of processes. Also, with fewer solutions to purchase and maintain, capital and operational costs can be reduced significantly.
And finally, with the Proofpoint Information and Cloud Security Platform, which underpins our SSE solution, security administrators can take a role-based approach to security, while allowing certain security operations teams to have a cross-channel, cross-product view of events in a unified Alert manager. That has helped our customer to break down the operational silos that often exist within security teams, such as threat analysts versus DLP analysts not seeing the full context of an event.
For more information about Proofpoint Cloud Security, head to https://www.proofpoint.com/us/products/cloud-security