In a world increasingly driven by the cloud, security has become a critical element for operational efficiency. SASE (Secure Access Service Edge), a term that echoes in conversations between cloud security service providers and their customers, is not just an acronym, but a revolutionary concept. Gartner analyst Neil MacDonald introduced SASE in 2019 as an innovative model for ensuring secure access to cloud resources. This approach, although generic in definition, has proved to be a powerful response to the challenges emerging in the era of cloud computing.
SASE represents a paradigm shift in network security, consolidating a diverse range of functions in a single cloud service. This integrated model not only reduces costs, but also simplifies the complexity faced by companies when installing local solutions. As migration to the cloud continues to grow exponentially, the need for robust security has become an undeniable imperative. Global events such as the Covid-19 pandemic accelerated this migration, but also revealed security vulnerabilities when cloud solutions were hastily adopted without following SASE guidelines.
This scenario outlines the benefits and challenges of SASE amid the constantly evolving landscape of cloud computing and digital security.
Putting SASE into context
Cloud security and connectivity service providers have brought a new term into the conversation with their customers: SASE. These four letters stand for ‘secure access service edge’. Neil MacDonald, from the consultancy Gartner, introduced this term in 2019. The aim was to define a secure access model suitable for use in the cloud. Although the model is generic, it has served to demonstrate that previous network security models, based on devices, are no longer useful.
The edge with secure access has come to represent the entire set of means by which a user has access to resources in the cloud. Because it is generic, the concept of SASE has not led to the creation of a service or a device. In fact, the suppliers on the market generally offer a SASE “solution”, which is made up of various services and may include equipment. The concept of this model has led to a new approach to security, given all the changes brought about by the use of cloud computing.
Consolidating security functions
The SASE model consolidated various network and security functions into a single cloud service, in contrast to the isolated solutions provided previously. This consolidation not only reduces costs, but also the complexity they would face by installing everything locally (or ‘on premises’, as they say in IT).
Thus, SASE was a response to the security challenges that began to appear with cloud computing from 2008 onwards. It has shown itself to be a commercial option with processing, networking, remote access and an affordable price. The cloud has brought remarkable transformations to user companies. Among the main ones were the possibilities of obtaining processing and storage resources almost instantaneously, and of expanding them just as quickly. The migration to the cloud has grown and is still going strong today, with no signs of weakening. In 2010, according to the American consultancy Statista, the global cloud market was already worth $24 billion. By 2023, it is estimated at US$ 156 billion, and is growing by 20% a year.
Cloud market: rapid growth
The figures may vary between consultancies, but they all record high market and growth figures in their monitoring reports. To understand SASE, you need to understand data migration to the cloud.
This migration of companies to the cloud has not only transformed the way we invest in computing and its resources, but also the way we work and coordinate people, processes and technology. Concepts that had been consolidated for decades ended up being revised and some even disappeared. In the previous model, in which the resources were inside the company (also called ‘on premises’), the concept of the network perimeter was not only clear, but even visible and tangible. Firewalls, switches, cables and all their software were part of the perimeter.
Migration to the cloud
But, as you can imagine, all that has changed with the migration to the cloud. The perimeter is no longer needed and has disappeared, or has been replaced by different equipment, in a different and remote network organization – in SDN or software defined network.
Now, many people say that with the cloud, the concept of perimeter simply no longer exists. Some prefer to say that the perimeter of the network currently lies with the user. In addition, some say that, for greater precision, the perimeter is the identity – be it user or machine.
When the Covid-19 pandemic forced us to stay at home, network and cloud resources became more essential than ever. Companies that had everything ‘on premises’ accelerated their digitization and migration so that they could continue to operate, with their users connecting remotely and having access to data and applications in a simple and secure way.
The pandemic has triggered a race to the cloud
For almost two years, from the beginning of 2020 to the end of 2021, there was a veritable avalanche of new customers for cloud solutions, and new users for all of them. Then came the security problems that the whole world learned about from the news at the time. This was the consequence of the accelerated implementation of those solutions, without the recommendations of the SASE model being adopted – at the very least. For cybercriminals, it was a season rich in opportunities, as the attack surface was expanded by a huge volume of new users accessing cloud solutions, each of them with at least two devices: a laptop and a cell phone.
As migration to the cloud continues apace, fortunately the deployment of SASE has also picked up speed and is a path of no return. Nowadays, you can’t conceive of a cloud operation without at least one SASE roadmap in place. Gartner predicts that “by 2025, 65% of companies will have consolidated individual SASE components in one or two partner SASE vendors”, a figure well above the 15% recorded in 2021. One of the strongest reasons for the growth in SASE deployments is that in the last ten years attacks on large corporations have made cyber security an imperative. Now, the subject will no longer be left out of the meetings and decisions of the councils and boards.
So, did you like the content? Then be sure to check out our other materials! See you next time!