Behold, the ultimate solution for modern networking and security!
That’s how multiple organisations view secure access service edge (SASE). The integration of software-defined wide area network (SD-WAN) and secure service edge (SSE) is exciting, that’s for sure. As we embrace a cloud-based future, SASE is being more widely adopted under the guise of the great uniter of networking and security.
But a SASE framework alone isn’t enough. What we at Gamma want to do is keep businesses aware of how important that network underlay is. That always operational, resilient network is the deciding factor on whether SASE can reach its full potential or not.
In a recent session, Gamma’s Solutions Sales Director Laurence Malthouse provided a deeper explanation on the ‘SASE Blind Spot’. There are hidden costs vendors don’t mention, and businesses need to be aware of the risks associated with a one-size-fits-all SASE approach.
In a stroke of good luck, we’ve got 5 key takeaways from this session.
Takeaway 1: Hybrid environment means bigger attack surface
78% of business leaders have already adopted cloud in most or all their organisation’s areas. The enticing benefits of reduced costs, scalability and accessibility have been a driving force behind the move to the cloud. However, there are organisations out there rooted to the ground with on-premises infrastructure, or at least hovering after introducing a few cloud-based solutions.
This hybrid approach is favourable to over 67% of IT decision-makers. Having the power to back data up to a physical, on-site location, for example, is a great boost for those concerned with business continuity. However, this hybrid model introduces a level of complexity that doesn’t provide sufficient visibility or control.
If sensitive data is moving across those mixed environments, then security blind spots become more commonplace. When those legacy controls are perimeter-based and not fully adapted to the level of security now required, problems start to arise. Data becomes vulnerable and the risk of a breach increases.
Nobody wants to deal with a larger attack surface. When the network is poorly designed, that’s exactly what business leaders will have to deal with.
Takeaway 2: Your network will make or break SASE
If the network isn’t ready, then SASE will underperform. That’s the long and short of it.
In 2023, UK businesses lost over 50 million hours due to internet downtime. That equated to over £3.7 billion in losses, which just goes to show just how costly that poorly managed network can be. Organisations just end up firefighting issues that are exemplified by that below-par network.
The resilient, scalable infrastructure provided by SD-WAN is a crucial step in keeping those network issues under control. A robust, future-ready network should be the first point of call for any future-focused business. Without it, those issues will persist.
Security tools shouldn’t be used just to mask an unstable network foundation. Yes, they provide a lovely safety net, but in most cases, they only amplify those weaknesses. There’s absolutely no need to fuel that fire.
Of course, SASE is one part networking, one part security – that latter focus is the next key takeaway.
Takeaway 3: Identity is the real risk point
In the last 12 months, 50% of businesses have gone through some form of cyber security breach. Between 2015-2019, cyber threats cost the UK economy almost £22 billion a year, with these threats causing significant knock-on effects to an organisation’s daily operations and overall reputation. We don’t mean to be all doom and gloom, but the point stands – cybersecurity is a big deal.
What’s emerged as a universal concern is access control and identity management. Zero trust network access (ZTNA) has now become the standard when it comes to remote access, and identity is now the new perimeter. The drive towards hybrid working has only given businesses a greater impetus to provide instant asset access for those working remotely.
Advanced security assets alone can’t protect those sensitive assets. There needs to be a robust framework in place when it comes to authorisation, user authentication and privilege control. Working with a reputable managed service provider (MSP) helps to alleviate these concerns around SASE deployment.
That deployment also hinges on whether to opt for a single vendor or multi-vendor approach.
Takeaway 4: Choose on your type, not on the hype
30% of UK technology leaders have noted that their organisation lacks a clear digital transformation strategy. From the start, businesses need to map out their priorities and the full extent of their internal capabilities. That allows them to understand what the ‘right’ SASE approach for their business is.
There are two options open to these SASE-minded businesses: a single vendor approach, or a multi-vendor approach. Both have their upsides and downsides, as does every choice we make. We’ll provide a quick overview on each, just to save you all some precious time.
Single vendors bring networking and security capabilities together in one complete solution. There’s more interoperability between the technologies, and IT teams can manage operations from a unified dashboard. However, this approach can subject businesses to ‘vendor lock-in’, meaning they miss out on specialised features that other vendors can offer.
This prompts some to opt for the multi-vendor approach, with one side providing the network and the other security. A setup like that offers the opportunity to choose best-of-breed solutions and greater flexibility to switch vendors. But juggling multiple vendors can be tough, especially when trying to maintain consistent security policies.
For organisations already invested in certain security and network tools, a multi-vendor approach can be more flexible. But it introduces complexity through multiple integrations, vendor compatibility issues, and increased management overhead.
So, what’s the best approach? Rather than forcing a rip-and-replace strategy, Gamma acts as your expert consultant. We help businesses assess what they already have, how they use it, and whether they need a full SASE transformation or a hybrid approach.
We’ll leave the choice to you but remember to start with priorities and internal capabilities first. The road to full SASE deployment, however, is a marathon, not a sprint.
Takeaway 5: Success comes in stages
The draw of bright and shiny new technology is always hard to ignore. All the exciting prospects behind each new innovative step makes one dream big of what else is to come. But the subheading says it all – ‘success comes in stages.’
Up to 70% of digital transformation projects fail to meet their proposed objectives. It’s a long-term journey that doesn’t require everything to be done at once. Phasing in each separate component helps to build that momentum towards success.
That phased approach to the likes of secure web gateway (SWG) and cloud access security broker (CASB) provides a smoother transition with better control. SASE’s role in digital transformation shouldn’t be just a flashy, one-and-done process. Build up from the most urgent need, test it, then scale it appropriately.
Slow, steady and smart wins the race.
A united effort
‘You can’t really talk about security without networking—or networking without security. It’s time organisations stop seeing them as separate conversations.’
Laurence’s words are the perfect way to bring this SASE blind spot conversation to a close. That always-on, high-performing network is critical for SASE, and should never be an afterthought when implementing SASE. Forgetting to provide that quality network only leads to issues around security, latency and overall operations.
MSPs like Gamma reduce those risks through a fully managed, united approach to networking and security. Expert guidance is readily available, giving businesses the support they need to deploy SASE effectively. If you want SASE to reach its full potential, you need that network underlay.
It’s never wise to ignore a blind spot, on the road or with SASE.