Cybersecurity professionals have been declaring the death of the network perimeter for years—and what was once a clear border has definitely eroded over time. The advent of the COVID-19 pandemic and the sudden shift to companies operating with an entirely remote workforce has both expanded and complicated the issue. Nico Popp, Chief Product Office for Forcepoint, presented a session at the Forcepoint SASE CyberSummit that described some of the challenges that organizations face and stressed the value of what he described as the “four horsemen” of SASE.
What is SASE?
SASE is an acronym for Secure Access Service Edge. It is a term that has gained a lot of momentum recently, as organizations struggle to address the death of the traditional network perimeter and embrace a more fluid and dynamic definition of where the network edge is and how to protect it.
The traditional model is all but extinct at this point. Organizations used to have data and applications hosted from and managed in a local data center. Security was a more straightforward proposition because everything of value was essentially contained in that one room and all you had to do was manage access in or out of the data center. The advent of the cloud and the move to software-as-a-service (SaaS) platforms and applications has fundamentally changed things.
Nico Popp posed the question, “Where do you put security when users want to go straight to the cloud?”
He then shared details on the “four horsemen” of SASE—the things you need to do, and do properly to have functional SASE solution and effective protection.
Protect Users Against Threats
You have to protect users against threats, but that is more challenging with a remote workforce. When the user is not sitting at a desk in an office on a network that is managed by the organization, you have to handle security differently. You can put a firewall between the user and the rest of the connected world to protect them—complete with foundational protection like intrusion detection, intrusion prevention, and anti-malware. Because the user is remote, the protection needs to be delivered and managed from the cloud.
Provide Reliable Connectivity
In order for remote users to be productive, they need to have reliable connectivity to company data and network assets. The connectivity must also be secure—for both the user and for the organization. With a smart agent on the endpoint, you can manage and protect sensitive corporate applications and data while ignoring things like Netflix or other personal applications.
Protect Data Everywhere
Use zero trust access when connecting to SaaS platforms and applications. Sensitive company data will be transferred back and forth between the SaaS app and the user’s home. You must be able to encrypt and secure data in transit and at rest on the user’s endpoint. You should also have DLP (data loss prevention) capabilities to enforce data security policies and monitor how data is accessed or used at the endpoint.
How do you know that the “Joe” that you’re allowing to connect is the right “Joe”? What do you do if your trusted employee turns against the company and becomes an insider threat himself? It’s important to continuously re-assess your trust of every user and endpoint. Behavioral analytics help determine anomalous or suspicious activity and alert IT or security personnel to pay more attention if strange behavior is detected. Dynamic user protection uses behavioral analytics to determine the relative risk of user activity based on indicators and context.
The network has moved to the cloud. The users—in many cases—have now moved to their individual homes. Business is conducted in, over, and through the cloud. SASE is gaining momentum because organizations recognize that the network environment is more complex and dynamic, and it’s critical to adapt cybersecurity tools and policies that are effective in this new reality.