What is SASE?

To address these challenges, we need a new and improved security architecture. Enter SASE, a model for securing complex cloud platforms.

Pronounced “sassy,” SASE (Secure Access Service Edge) is a term coined by research company Gartner back in 2019.⁶ In simple terms, SASE is a cloud-based enterprise security framework. As more businesses transform digitally, security is now also moving to the cloud to reduce complexity, improve agility, and empower multi-cloud networking.

In more technical terms, SASE is a network architecture made up of multiple technologies working together to secure your network’s edge and your cloud environments. It combines the capabilities of a virtual private network (VPN) and SD-WAN with secure web gateways, cloud access security brokers, firewalls, and zero-trust network access.

As such, SASE improves on SD-WAN and brings all its benefits to the cloud: simplified security, reduced costs, faster user experience, scalability, cloud intelligence, secure mobile data, and integrated real-time visibility. All of these capabilities are delivered from the cloud and provided as a service by a SASE vendor.   

● It secures your network’s edge and your cloud environments.
The edge is defined simply as any device that connects to your corporate network.⁷ Whether it’s a laptop, a smartphone, or even a vehicle, as long as it connects to your corporate network to access company data and resources, it is part of your network’s edge.

With the advent of remote-first and hybrid work, your network’s edge could be anywhere in the world—on the beach, in the cloud, on your own device, and even in another company’s network or somewhere beyond the reach of your IT security team. With SASE, private and wide access networks integrate cloud-native security functions to secure your network’s edge as well as your cloud environments.

● It employs the principle of least privilege.
Least privilege means limited access: every system user must operate using the least amount of privileges necessary to complete a task.⁸ This is similar to the military security rule of restricting access to sensitive information on a “need-to-know” basis.

With SASE, every user that requests access to company data or resources is granted the minimum rights necessary to complete a task in the shortest amount of time necessary. Emphasis on the word “necessary”. While there are industry benchmarks, with SASE, the amount of access and time necessary to accomplish a task can still be set and managed by the company’s IT security team.

● It employs a zero-trust approach.
SASE is at the core of the zero-trust framework, which operates on the dictum of “trust nothing, verify everything”.⁹ It is a system that authenticates a user or a device every time they try to access the company's network or resources.

Ideally, regardless of where you land on the corporate ladder, there must be no exceptions under the zero-trust framework—every user, every device, and every application must be validated. Even if you have a registered username and password, if your device has not been validated, you will be denied access to the system. This provides another layer of protection to safeguard your workforce and your company assets from organised cyber crime.

Beyond being a new and improved security architecture, SASE is also a framework, an approach to assess the current state of your network and cyber security. Much like migrating to the cloud, moving to a SASE model will require you to rethink how to connect your remote workforce to vital company resources more securely.

SASE, as the convergence of cloud-managed SD-WAN and cloud-delivered security, offers companies more flexibility, especially with the rise of SASE as a managed service. Working with a trusted security advisor eases the shift to SASE and helps you maintain security hygiene, adopt a prevention approach, and keep threat intelligence up to date.

At Singtel, we uphold a security-first approach in everything we do. We help transform your approach to cyber security and strengthen your security at the edge and on the cloud. Our SASE capabilities are part of the Singtel CUBΣ portfolio, a unified suite of connectivity solutions designed to make enterprise networking easier to connect, manage, monitor, and expand globally.

Cyber security is a round-the-clock responsibility. As your trusted business partner, let us do the heavy lifting to defend your most valuable assets at the edge and on the cloud. Talk to one of our security advisors today to learn more about how SASE can protect your network’s edge and your cloud environments.

References

2. Check Point Research, Asia Pacific experiencing a 168% year on year increase in cyberattacks in May 2021, 2021.
4. PRNewswire, New Cybersecurity Hub to Help Asia Pacific Organizations Build Cyber Resiliency, 2022.
6. Security Brief Australia, APAC ranks third-highest region targeted by ransomware, 2022.
8. Tech Wire Asia, Ransomware attacks still a big problem in APAC, 2022.
10. EY, Over half of Asia-Pacific businesses are unsure if their cybersecurity defenses are strong enough amid growing threat, 2021.
12. Gartner, SASE, SSE, SDWAN – What the what, now?, 2022.
14. Insider, Why SASE — an emerging cybersecurity term — is crucial for protecting your company's work-from-home data and systems, 2022.
16. Cybersecurity and Infrastructure Security Agency, Least Privilege, 2013.
18. Insider, How the zero-trust cybersecurity model of 'trust nothing, verify everything' is key to a remote-first work environment, 2022.