Direct internet access and applications in the cloud have allowed SME’s to manage costs and be agile and responsive. But they have also brought about security challenges, which, with limited IT resources are difficult to keep on top of.
The Covid-19 pandemic has highlighted the need to provision remote workers quickly, but it has also brought into sharp focus the risks associated with unmanaged devices and vulnerability of company data to zero-day exploits and phishing attacks.
If you have branch offices, external sites or retail outlets, how do you, as a small team maintain control and visibility of these sites, their security and performance?
These are among the issues that can be addressed by combining network and security-as-a-service through a Secure Access Service Edge (SASE), which provides easy management of both networking and security for today’s cloud-based infrastructure.
Why adopt SASE?
Our Introduction to SASE article covered the reasons for the widespread move to SASE that we are beginning to see. SMEs, in particular, should consider SASE to help with:
- Reducing exposure of your critical business applications to Internet threats by concealing them behind a secure vendor managed perimeter.
- Agility to scale remote user access up and down, with integrated Multi-factor Authentication and Single Sign-on access security.
- Visibility and control to allow or restrict access to corporate resources from managed or unmanaged devices.
- Network level scanning of external Internet communications to prevent IoT, BOTs and malware compromise.
- Data integrity and data protection by managing sensitive data access in the cloud through a single secure platform.
and, last, but certainly not least for time-constrained IT teams:
- Access to enterprise grade global site connectivity and data optimisation over private IP backbone.
What is the best way for SMEs to adopt a SASE approach?
Thoughts of designing a new networking and security infrastructure can seem daunting but implementing SASE can be managed if you look at it as a phased approach, starting with existing challenges that you need to address. Don’t do it all at once, for example:
- Start with SD-WAN to give you control and optimisation of your office connectivity.
- If you already have SD-WAN, combine it with the addition of security-as-a-service to deliver Intrusion Prevention, Endpoint Detection and encrypted Malware Detection.
- Introduce Zero-Trust Network Access to enhance user authentication and policy control.
- And/or, target specific groups of users and specific applications in turn, to secure and optimise.
Remote working – security and performance – could be the key driver for SASE
With home and mobile working continuing to be on the cards in the future, this is one area which stands out as a starting point for many SMEs.
In practical terms, in addition to all the benefits we have covered in our article series, it is worth considering how SASE enables companies to solve basic important issues with remote working –
- Many companies are now using integrated MFA access for Microsoft Office 365, with obvious advantages, but have yet to implement MFA for remote access to applications, still relying on only a username and password. Wrapping MFA into user access will improve security and implementing it alongside Single Sign-On makes it even easier for users to access the applications they need. Review the case study on this topic here.
- If you are concerned about employees accessing websites which could introduce malware, SASE gives you the ability to monitor or restrict access, avoiding specific sites or browsing to embargoed countries, for example.
- Implementing Zero-Trust Network access will also enable you to enforce security polices, yet not be overly restrictive and you will be able to analyse security events through a consolidated management console.
An SME can get access to enterprise-class security and networking solutions through SASE and deploy them in a staged approach.
You can deploy services faster and more cost-effectively and have a framework on which to expand with additional security services in the future.
To find out more about how SASE can help, take a look at our other articles in this series. And, if you need some help, why not contact our experts in networking and security for just an hour’s whiteboarding session, to understand your requirements and determine your next steps.