How to Reduce Risk and Secure Data With Security Service Edge (SSE)
Published 06/02/2022
This blog was originally published by Lookout here.
Written by Sundaram Lakshmanan, CTO of SASE Products at Lookout.
There’s a new acronym in town: SSE, which stands for Security Service Edge. If this looks mighty similar to Secure Access Service Edge (SASE), it’s because they are closely related.
When SASE was conceived in 2019, we saw organizations struggling with new data security requirements that emerged from the increasing adoption of cloud technologies — a trend that was accelerated by the coronavirus pandemic. These cloud technologies include software-as-a-service (SaaS) applications, such as Microsoft 365, Salesforce, Google Workplace, and enterprise apps running in infrastructure-as-a-service platforms (IaaS), such as Amazon Web Services, Azure, and Google Cloud Platform. As Lookout Head of IT Joel Perkins told us, implementing SASE is a journey that will take time.
In July 2021 Gartner introduced SSE in its “Hype Cycle™ for Cloud Security, 2021”, wherein “security leaders can evaluate the emerging technologies on this Hype Cycle to secure cloud computing.”*
SSE isn’t just about having the right alphabets in your soup, it’s the idea of consolidating security technologies in the cloud to reduce complexity and enhance data security as employees access the web, cloud services and private apps from anywhere. In this blog I’ll break down why SSE matters and the types of data security capabilities a SSE platform should have.
Protecting data when remote work and cloud services circumvent perimeter security
With apps and data increasingly residing in the cloud, users now expect seamless access from anywhere and on any device. But security controls have been deployed with disparate on-premises tools that are anchored to data centers. As a result, most organizations have lost the ability to secure their data as they migrate to the cloud.
This is where the SASE promise comes in, converging key networking technologies, such as Software-defined Wide Area Networks (SD-WAN), with technologies that secure both access and data which Gartner calls SSE. The SSE technologies that may be most familiar are Cloud Access Security Broker (CASB), Zero Trust Network Access (ZTNA) and Secure Web Gateway (SWG).
However, the real value is in the data protection services that ensure data is not exposed when it is copied or downloaded from the cloud. The idea is that, by integrating data security natively with these access technologies, organizations can implement a streamlined platform that gives organizations back control of their data by securing it wherever it goes, reducing risk and simplifying security operations.
SSE’s core objective: protect your data
Just like how traditional security was costly and inefficient because it was a mishmash of disparate products, SSE technologies have to be integrated and with the goal of securing sensitive data and reducing risk. To do so effectively, security teams need integrated insights into users, endpoints, data and apps.
UEBA: stop insider threats and compromised accounts
Your data is often put in harm's way due to stolen credentials or an insider taking a malicious action – intentionally or unintentionally. This is where User and Entity Behavior Analytics (UEBA) comes in, monitoring the fluctuating risk levels of your users. By understanding how your users typically behave, you can spot when an account — whether it’s compromised or being used by a legitimate user for malicious activities — is putting your data at risk.
DLP: discover and secure your data
To make smart access decisions, you also need to know the sensitivity level of the data your users seek to access. With advanced Data Loss Prevention (DLP) integrated, security teams can take granular actions. For example, you may want to watermark or redact certain content instead of blocking access so you protect sensitive information while allowing work to get done.
EDRM: encryption that follows your data
The final layer of data security is the ability to automate encryption. In 2021, 12,000 sensitive files were stolen from pharmaceutical company Pfizer, including trade secrets related to its COVID-19 vaccines. While Pfizer later knew the sensitive nature of the data taken and which user did it, they weren’t able to stop it. With Enterprise Digital Rights Management (EDRM), organizations can encrypt data while it's downloaded so that only authorized users can access, even when shared offline.
*Smarter With Gartner, “4 Must-Have Technologies That Made the Gartner Hype Cycle for Cloud Security, 2021”, September 08, 2021
Related Articles:
How Cloud-Native Architectures Reshape Security: SOC2 and Secrets Management
Published: 11/22/2024
The Lost Art of Visibility, in the World of Clouds
Published: 11/20/2024
Group-Based Permissions and IGA Shortcomings in the Cloud
Published: 11/18/2024