SASE: How financial firms can secure a cloud-first competitive advantage

by wrich
Editorial & Advertiser disclosure

By Jonathan Lee, Senior Product Manager, Menlo Security

For many, employment today looks a lot different compared to the norm that were experiencing a mere 18 months ago. 

Where in many instances financial services had once been tied to the office as the hub of productivity, vast swathes of workers now go about the day to day from the comfort of their own homes, communicating with colleagues on a remote basis via tools such as Microsoft Teams, Google Meet or Zoom.

Jonathan Lee, Senior Product Manager, Menlo Security

While this shift was borne out of the necessity to safeguard public health, and mandated by social distancing restrictions and national lockdowns, it has brought with it a host of benefits to both financial firms and their employees alike.

The statistics speak for themselves. A survey reveals that 81% of employees would be more loyal to  employers providing flexible working options, while 95% say that their productivity is higher when working from home. 

Equally, 94% of those employers surveyed revealed that company productivity has been the same (67%) or higher (27%) since employees started working from home during the pandemic. And that’s before you even mention the job satisfaction, mental health, profitability and environmental benefits. 

To say the normalisation of remote and hybrid working has been straightforward would be naïve, however. For security professionals, it has been a challenging period to navigate.

To uphold such stark changes, several infrastructure-related hurdles had to be overcome. In the case of financial services, IT had often been managed on-premises where the focal point of protection was centred around securing the company’s network perimeter – a clearly defined proverbial line separating the intranet (the private and locally managed side of a network) and the internet (the public-facing side of a network). 

Today, however, in the new normal of remote and hybrid working, the network perimeter is quickly dissolving. 

Here lies the security-centric challenge. As many industry players replace on-prem with a cloud-based infrastructure to enhance their productivity, tap into cutting-edge solutions and unlock efficiencies, their security policies quickly become outdated, creating a host of vulnerabilities such as a hampered flow of traffic between firewalls. 

At he beginning of the pandemic, Virtual Private Networks (VPNs) were turned to as the holy grail – a short term, easy to implement solution that provided access for remote employees to a company’s central on-prem network. Yet the ‘square-peg-round-hole’ issues with these quickly unravelled.

Not only do VPNs fail to offer scalability, but they but they work on the premise that once a connection has been established, users are inside the network and trusted by default

Finding security and productivity in a perimeter-less world

In fast moving financial services environments, faltering productivity and/or lacklustre security is simply not an option. 

The questions for such companies, therefore, is simple – how can I tap into the array of benefits offered by cloud-centric models, yet ensure my assets and data remain secured?

Previously, ticking both boxes was a difficult task. Yet today one framework is capturing attentions as a means of covering all bases.

A term coined by Gartner, Secure Access Service Edge (SASE) is built on the idea of delivering both security and networking capabilities as a single cloud-based service directly to the source of a connection, removing the need for an enterprise data centre.

Through SASE, security is incorporated directly as an extension of the user. Having been built with a cloud-first mindset, it is reliant on a series of cloud gateways known as local points of presence (POPs), where all elements of security – from technologies to policies spanning web and email security to firewall and access control – are implemented. 

Crucially, SASE is not a single solution in and of itself. It is instead a concept comprising a cocktail of existing network security services including CASB, Cloud SWG, ZTNA/VPN, WAAPaaS, FWaaS, DNS and RBI alongside software-defined wide area networking (SD-WAN).

Through the integration of such solutions, SASE is able to provide seamless, secure SaaS adoption capable of upholding both the protection and productivity requirements needed to succeed in the ever-evolving, highly digitised world of work. 

Take data, for instance. While rulings such as GDPR make it imperative that companies take data protection incredibly seriously, it is often in their own best interest to do so. 

For financial services companies, data is almost always the jewel in the crown.

It is why SASE is catching the eye in such an industry. It allows organisations to guard against sophisticated threats such as ransomware attacks, while also ensuring key data can be used effectively and productively, with employees able to access critical information and applications in real time, wherever they might be. 

Changing business perspectives

Indeed, SASE’s novel potential extends far beyond simply heightened, modernised security.

Where security was once simply considered a cost to a company, SASE is helping to change this narrative, instead positioning security as a highly effective business enabler. 

The reasoning for this is simple – SASE allows organisations to fully embrace and capitalise upon the benefits that the cloud and other SaaS technologies offer, without having to compromise operations by needing to change user behaviour. By simultaneously enhancing protection and improving productivity/the user experience, those organisations pursuing SASE have been empowered.

What is certain is that cloud-first models are the future, and those companies setting themselves up as early adopters will uncover numerous competitive advantages. But how can you go about adopting SASE, and embracing cloud-first models, in the right way?

First, taking the time to vet potential cloud and key service vendors is vital. Where SASE comprises so many different components, it is unlikely that all these will be provided most effectively by a single vendor. While some will offer all-in-one packages, companies should proceed with caution to avoid vendor lock in and compromises on quality. 

Indeed, SASE does not need to be a switch that takes place overnight. Organisations can begin to adopt and implement the varied components incrementally – something that appears to already be happening.

According to CyberEdge’s latest Cyberthreat Report, 74% of IT security decision makers are already working to adopt technology capable of supporting SASE architecture, these figures having spiked as a result of the pandemic.

Furthermore, although Gartner had originally estimated that it would take roughly 10 years for SASE to reach mainstream adoption, this has since been revised to less than half that time as a result of the rapid uptake of hybrid and remote working models in the past 18 months. 

For those organisations that do succeed in implementing SASE in the coming five years, the benefits will be sizable, underpinned by highly advanced, secure and consolidated cloud-based models that are backed by an ever-growing sea of empowering solutions.  

You may also like