Did you get the message? I guess it’s official. Everything, including security, is moving to the cloud. But don’t just take my word for it. Last month Gartner published a new report, “The Future of Network Security is in the Cloud,” and it’s a good read.
What’s all the fuss about? This is not a new story. Let’s face it, security teams have been struggling for a long time. Too many systems. Too many alerts. Too much sensitive data located outside of the enterprise data center in cloud services. And more user traffic using public cloud services instead of the enterprise data center.
Why is it that with more security tools than ever, threats like resilient ransomware, malicious cryptomining, and good old-fashioned phishing continue to wreak havoc? We see more malware penetrating more systems than ever before. The answer — or rather maybe the problem causing these challenges — is that the existing security infrastructure was designed for a locked-down environment. Today’s networks are digitally transforming before our eyes. We’re just not able to secure our workers, our branch offices, our data centers in the same ways as before. The data center is no longer the hub of access requirements for users and devices. SaaS adoption, direct internet access, and cloud service apps have changed the game. It’s time for a change in security, too.
According to Gartner, “Digital business transformation inverts network and security service design patterns, shifting the focal point to the identity of the user and/or device — not the data center. Security and risk management leaders need a converged cloud-delivered secure access service edge to address this shift.”
Gartner analysts project that demand for security-as-a-service, referred to as secure access service edge (SASE), will grow significantly in the next five years, estimating that by 2024, a minimum of 40% of companies will have plans to adopt SASE (pronounced like “sassy.”)
We could all use a more sassy approach to our security, right?
The new market brings together SD-WAN along with network security services such as secure web gateway (SWG), cloud access security broker (CASB), and firewall-as-a-service. Digital business transformation is moving security to the cloud, which drives a parallel need for converged services that help reduce complexity, improve speed and agility, and secure the new network architecture of tomorrow. With more users, devices, applications, services and data located outside of an enterprise rather than inside, the existing security models are failing to meet today’s business needs.
In the report, Gartner recommends specific actions that security and risk management leaders can take to reduce complexity as security shifts from the data center to the user and/or device. I’d recommend reading the report to learn how to:
- Position the adoption of SASE within your company
- Explain the value of shifting from a “box approach” to cloud-delivered policy-based security services
- Utilize software-defined WAN as a springboard for network transformation
- Adopt integrated cloud-delivered security services that are simple, scalable, and flexible
Change can be hard. Let’s face it, it’s sometimes comfier on the old couch. But there can be a lot of benefits of adopting SASE. These include, but are not limited to, the following:
- Consistency: better security applied consistently in an integrated way from the cloud
- Simplification: reduce tools, complexity, and costs
- Performance: reduce latency and improve performance
- Operational improvements: centralize management, increase staff effectiveness, improve ease of use
Here’s another goody from Gartner: “Complexity, latency and the need to decrypt and inspect encrypted traffic once will increase demand for consolidation of networking and security-as-a-service capabilities into a cloud-delivered secure access service edge.”
If you’re looking for a better way to adopt the cloud and gain more visibility and control to protect your users and data, I encourage you to read this newest report from Gartner.