Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

Are You On a Security Service Edge (SSE) Journey?

Published 09/10/2021

Are You On a Security Service Edge (SSE) Journey?

This blog was originally published by Bitglass here.

Written by Mike Schuricht, Bitglass.

Last month, in the latest Gartner “Hype Cycle for Network Security, 2021” by Shilpi Handa and Pete Shoard, Security Service Edge (SSE) was introduced. This segment was not only “High” on the Benefit scale and at the peak of the Hype Cycle but also an architecture that would have near-term implications on mainstream adoption.

While not necessarily executed in its exact name, we have observed the approach in practice and understand its benefit. In practice, Security Service Edge is an integrated, cloud-centric offering that facilitates safe access to websites, SaaS, and private applications. It will typically also combine access control, threat protection, data security, security monitoring, and acceptable use control.

As part of a SASE journey, this is an adopted approach by the security team while SD-WAN services are separately adopted by the infrastructure team. “Security Service Edge offerings reduce complexity and improve user experience by consolidating multiple disparate security capabilities into a single-vendor, cloud-centric converged capability.”

Consider the following example: we work closely with a Fortune 100 financial firm. The shift to remote work and the adoption of public cloud services was underway and further accelerated by COVID-19. As part of this initiative:

  • They had converged CASB, SWG and ZTNA into a single security platform
  • They implemented a single, unified set of DLP policies for their provisioned SaaS, on-premises deployed resources, BYOD, unmanaged destinations, and web traffic
  • A single set of access control policies was defined for all of their applications; taking into account identity, device, and action
  • Sensitive data inspection and malware protection can be made consistent from endpoint to cloud and across all channels of access
  • Unified contracts into a single purchasing schedule and support ecosystem
  • Subtle but not to be forgotten: looking to eliminate swivel chair management and manual stitching, the security team unified a view of its risks into a single dashboard. This eventually led to cost efficiencies as well.

The global pandemic only accelerated these efforts. They quickly brought requirements for flexible, cloud-based network security without tying it to their choice of network infrastructure to the forefront of the table. In an effort to be nimble, it allowed them to maintain their toes in two different worlds while the infrastructure expanded and their users, applications and enterprise data were everywhere.

Share this content on your favorite social network today!