To talk about information security or cybersecurity is definitely not the easiest of tasks, as developments in this area seem to be happening at a speed that is difficult to keep up with. The cat-and-mouse race between hackers and information security experts is incessant and at a breathtaking pace. Something that appears to be novel today may already be outdated, because in another corner of the world a more efficient solution may have already been discovered or a flaw in the current solution may have been identified that makes it vulnerable.
There was a time, in the early days of the digital age, when the internet didn't even exist, and data subjects were only concerned with physical security of their stored data, thus implementing cameras (CCTV), armed security, locks and even safes. Later, with the adoption and popularization of the internet, attention shifted to the digital security of data storage, with the concepts of access control and cryptography gaining relevance.
But then came the concept of the cloud, which describes a system model that enables on-demand network access to a set of configurable computing tools, including networks, computers, tablets, cell phones, software, etc. The cloud model advocates some basic characteristics for it to be successful, namely on-demand self-service, location independence, Internet access from anywhere, customizable elasticity, concentration of resources and measurement of the service.
With the development of this concept, cloud models have been divided into three distinct types:
1. Software as a service in the cloud (SaaS) – use of a network to access applications from a host.
2. Cloud Platform as a Service (PaaS) – permission for customers to install their software in the cloud.
3. Infra-structure as a Service (IaaS) — renting of processing, storage, network bandwidth and other fundamental computing resources in the cloud.
Although a cloud system can be developed by a company for its own use, the high investment involved in creating and maintaining a data center, its servers and all the security measures necessary for its existence, justifies the demand for various companies that sell or charge for cloud infrastructure services, offering the security of their systems as the icing on the cake. On the other hand, the big challenge is to maintain an acceptable processing speed, since security measures generally imply a loss of processing speed.
With the arrival of cloud systems, there was a need to improve security measures, and in 2019 the concept of SASE (Secure Access Service Edge) emerged, which is a security system defined by Gartner, a renowned American information technology research and consulting company founded in 1979 by Gideon Gartner. The system is characterized by a converged network and security-as-a-service resources, including SD-WAN, SWG, CASB, NGFW and ZTNA. In this type of structure, security and network connectivity technologies converge on a single cloud platform to enable rapid and secure digital transformation.
Therefore, to better understand the scope of this concept, we need to understand each of the acronyms mentioned above, defined in detail in the table below:
SASE, therefore, is made up of two sets of technology, including WAN Edge Services (SD-WAN) and Security Service Edge (ZTNA, SWG, CASB and NGFW) which together allow information security professionals to enable a user, device or server to connect securely from anywhere, via any carrying method.
SASE has therefore become an indispensable technology for companies using cloud systems, in order to guarantee adequate information security without compromising the processing flow of users accessing applications and data remotely.