Intelligent CISO Issue 49 | Page 33


Security Service Edge ( SSE ) and the future of cloud security

Sundaram Lakshmanan , CTO of SASE Products at Lookout , explains what SSE is , its three core principles and how it differs from SASE , as well as how enterprises can get the most out of SSE with the integration of endpoint security , and advanced users and data protection capabilities . o run an efficient

T business that enables your employees to work from anywhere , it has become nearly impossible to not be using cloud technology . Whether it ’ s Softwareas-a-Service ( SaaS ) applications like Microsoft 365 , Salesforce , Google Workplace , Servicenow and Slack or Infrastructure-as-a-Service ( IaaS ) such as Amazon Web Services , Azure and Google Cloud Platform , most organisations now have dozens of apps that employees are connecting to and sharing sensitive data with .

To protect data while enabling workfrom-anywhere initiatives , a new security framework has evolved , from the convergence and consolidation of clouddelivered network security functions into one platform , known as Security Service Edge ( SSE ).
If we look back just a decade , many organisations were reluctant to adopt cloud technology with the fear that perimeter controls were being relinquished . Over time , with technological advancements and increased awareness of the benefits of cloud , this sentiment was overtaken by the push towards digitalisation .
Yet , since then , it has been demonstrated that increased cloud connectivity creates additional challenges for traditional security strategies . To satisfy new data protection requirements , organisations must leverage the cloud for security , just as they have done for operations . Security technologies that used to reside onpremises , must converge in the cloud .
SASE and SSE education
When the term SASE was first coined by Gartner in 2019 , many enterprises were having difficulties meeting the security requirements of a cloud-driven world , which was further amplified during the pandemic . Organisations needed to support a work-from-anywhere workforce to maintain business operations and overall productivity . With data and apps residing in the cloud , and users connecting from anywhere , organisations were no longer able to rely on traditional security perimeters for gaining visibility and control over their data .
Sundaram Lakshmanan , CTO of SASE Products at Lookout
SASE – a framework which combines Networking-as-a-Service ( NaaS ) and Security-as-a-Service ( SaaS ) technology into one seamless architecture – looks to address that . This approach incorporates Secure Web Gateway ( SWG ), Cloud Access Security Broker ( CASB ) and Zero Trust Network Access ( ZTNA ), to secure access to Internet , cloud services and private apps while enabling seamless connectivity to these destinations via local direct-to-Internet breakouts with software-defined wide area network ( SD-WAN ), further simplifying the enterprise network architecture . The motivation behind SASE was to enable intelligent Zero Trust access that protects data from anywhere without hindering productivity .
Many organisations , having come to a realisation that their current security tools are ineffective in supporting the newer work-from-anywhere use cases , have started consolidating their security tech stack by selecting cloud-delivered solutions from fewer vendors . While security services have begun to converge , most still have not consolidated networking and security services from a single security vendor . Rightfully so , enterprises favour the best of breed technologies when given a choice .
To keep up with these market trends , in 2021 , Gartner created the SSE framework which concentrates only on the security capabilities of SASE . www . intelligentciso . com