With many employees working from home, current network and network security architectures are failing to effectively serve the requirements needed for digital business, including optimum security. This is according to Michael Wood, CMO at Versa Networks, who tells us how Secure Access Service Edge (SASE) is transforming SMEs’ network security and what businesses can do to adopt SASE.
What are the current inadequacies around existing network security architectures for SMEs?
An obvious factor that most SMEs are currently facing is the fact that their employees are working remotely. Home environments are not typically an extension of an SME’s network, so they become one of the least secure and least protected environments that exist. Suddenly, due to the pandemic, these extended networks have to be protected. As such, this has become one of the biggest areas of security exposure for SMEs and therefore means their network security architectures need to be assessed and possibly changed.
Another area of inadequacy that certainly contributes towards the large security exposure experienced by SMEs is the devices used by employees to connect to the network. Some SMEs may provide corporate devices for their employees to use, but many do not have the budget to do so. As a result, employees are left with no choice but to use their personal devices to gain access to corporate assets which may be located on-premises but are typically in the cloud.
The reason why many company applications are found on the cloud is because SMEs, rightly so, have looked to take advantage of solutions that are more cost effective and cloud offerings are perfect for them. Consequently, this has created an environment where many employees are working remotely and accessing applications from multiple devices which, in many cases, are now distributed around the world (depending on the scalability of the organisation).
As such, those who look after security for SMEs (this could be a team or even an individual person), are struggling to maintain control and actually secure their network.
Why is it time for an industry shake-up?
The pandemic has been a wake-up-call for SMEs who have been thrust into an environment where they’ve been forced to operate despite not having the proper infrastructure to do so. Some have been successful and maintained Business Continuity having planned digital initiatives that were in motion before the pandemic, which they’ve then been able to execute against.
However, many businesses did not set up a digital initiative and have struggled to maintain Business Continuity as a result. I expect we will see a ‘pandemic effect’ where the remote access environment we’re currently working and living in will continue for the next few years. The SMEs that do not have a digital initiative and did not prepare ahead of this year must start making a change to their network infrastructure, otherwise they will have a difficult time surviving in this continued environment.
SMEs which did not prepare should take examples of effective IT strategies from other businesses that have succeeded and continue to do well in this climate. Solutions such as secure software-defined networking in a wide area network (SD-WAN) and Secure Access Service Edge (SASE) have helped create an environment that has allowed businesses to thrive because these solutions secure not only the corporate applications used by employees, but the devices that are being used as well, which ultimately protects the company. All businesses should look for a solution that does this in order to prepare for the future and not put up with an inefficient infrastructure that is not secure.
How has user behaviour been a catalyst for the convergence of WAN and SDN?
Prior to the pandemic, we were already seeing a rise in companies, including SMEs, shifting their data to the cloud. The cloud is a great solution for SMEs because they can consume it as a software-as-a-service (SaaS) model meaning they can subscribe to it, tailor the number of users and utilise it from anywhere. However, when applications that reside in the cloud have to go through security measures, they often have to move from the cloud to wherever the security services are in order to check they are safe to use. This causes latency, performance issues and can lead to a potential security threat.
However, by converging wide area networking (WAN) and software defined networking (SDN) and making it secure (secure SD-WAN), then the security services are already in the cloud where apps are sourced and running. This means the security measures are run more efficiently and the issues experienced by SMEs who do not have secure SD-WAN do not occur.
As part of the SASE offering, if an SME already has secure SD-WAN in place, then implementing further SASE solutions becomes easier. Because SASE is a cost-effective model, SMEs don’t have to buy numerous security services to cater to their data centres or branch offices. Instead, all of these services can be delivered in the cloud and it therefore becomes more cost effective to deploy to multiple locations.
What are the benefits of an integrated cloud and network security approach?
SASE is the integration of wide area networking (WAN) and security solutions such as Zero Trust and firewall-as-a-service (FWaaS) into a single service that can be delivered entirely through the cloud, on-premises, or as a blended combination of both.
The benefits of having a service that provides an integrated cloud and network security approach includes the ability for these services to be delivered in the cloud and on-premises (whether that be in the office, in the data centre or even in the home). This is hugely beneficial to SMEs because it gives them the flexibility to enable these integrated services, such as SASE, in the cloud or on-premises, depending on location and/or type of application.
Having different networking security solutions within one integrated service can help to drastically simplify the IT infrastructure, making it easier to manage and reducing the burden of paying for multiple separate services.
Why should SMEs consider implementing this strategy?
The reasons are two-fold. Many SMEs have already shifted to the cloud so any digital initiative that includes cloud transformation allows for the implementation of the SASE strategy. SASE will eventually become essential so if they do not implement it now, they eventually find it to be a mandatory service.
Secondly, the threat vector has changed. Cybercriminals are always focused on the weakest link within a company’s system, so an SME must look at the entire network and identify the weakest links in order to protect it. However, as the move to remote working has occurred and more devices connecting from different locations has risen, the threat vector has become larger. SMEs need to identify their biggest threat and implement a strategy that can secure the device, mitigate risks and protect the company. This solution also works on a small or large scale, depending on the company.
What can SMEs do to adopt a SASE approach to their enterprise network security?
It is very easy to implement a SASE solution as part of a network. We’ve already discussed that if an organisation already has SASE capabilities (such as secure SD-WAN or FWaaS), then it becomes even easier for them to adopt other SASE capabilities.
There are also SMEs who already have a Zero-Trust network access (ZTNA) which is part of a SASE solution. Once one of these services is used and already integrated, it is much easier to expand and add more services which can be deployed either on-premises or in the cloud, which allows for flexibility.
However, even if an SME does not already have SASE-related capabilities in place, it is still easy to deploy. They can start by activating the service in the cloud which can be as simple as activating an email service and adding the number of users you would like to have access to that specific service.
Because this is a cloud-native model, it is easy to expand and add services and solutions that can offer improved performance and be tailored according to the networking experience that is needed for different individuals (such as security teams and individual employees etc).
How do you see SASE adoption becoming a game-changer looking ahead?
I strongly believe SMEs who have adopted SASE early will grow their competitive and business advantage and lead over those SMEs and larger enterprises who have not deployed SASE.
If these solutions are implemented early, businesses in industries such as retail, banking, healthcare, education and the public sector can operate at a much higher performance level with much greater security.
If an SME can take advantage of the economy for cloud security services and implement it globally for those using their services, they will have an almost unfair advantage over the other businesses and organisations within their industry.
2021 for SASE will, in general, be a year where we can expect to see an influx in SASE adoption by companies big and small because the barrier to entry is low for this service. Individual users within a business can use SASE services on their own, but the IT team can still maintain and control it, meaning everyone benefits.