There are many reasons that make Secure Access Service Edge (SASE) an appealing concept. Major among these are moving from corporate data centers to the Cloud, need to work from anywhere, reducing complexity, and use of applications delivered as SaaS. The SASE hype is at its peak and all major security &network vendors are embarking on the SASE train. However, there are many factors that can derail this train and it is yet to be seen if market is ready for large scale SASEE adoption.
Factors to Consider
- SASE is not a single technology. One of the objectives is to provide a combination of many capabilities into a single platform. However, reliance on single platform has its own side effects. Any major security issue with a SASE vendor could create problems. For example, in the face of a major security incident, while it is plausible to shutdown part of IT infrastructure, turning off a SASE platform may mean shutting down the business.
- Many small businesses have limited budgets/IT staff with no separation of security and network and could be good target for SASE adoption. However, any sizable medium and large businesses have separate security teams. People who have worked in corporate world for a long time, are well aware of cultural issues and dynamics that play a key role between security and network teams. How these two cultures come together is yet to be seen.
- Adherence to the key security concepts including separation of duties, defense in-depth with multiple technologies, using technology components that provide a single function, still need some reconciliation with the notion of convergence and use of a single platform.
Why it matters?
To implement a SASE platform, key decision makers need to fully evaluate the factors mentioned above, keeping in view risk factors, cost, and complexity. The alternate to using a single SASE platform is combining best capabilities from multiple vendors.
Who should care?
There are multiple parties who have some stake in SASE decision making. These include but not limited to:
- CISO – manage risk
- CFO – save money
- CIO – manage complexity and budget
What is next?
A “complete” SASE platform does not exist yet. Businesses need to make careful evaluations of vendor offerings, avoid “me-too” solutions, and think in the long-term as adopting a SASE platform.
