Gartner defines Security Service Edge (SSE) as the convergence of network security services delivered from a purpose-built cloud platform.
As more organisations move to the cloud, improving data storage and security rise in importance. One of the design considerations for SSEs is to support employees working remotely and keeping their data in the cloud.
SSE can be considered a subset of the secure access service edge (SASE) framework with its architecture squarely focused on security services.
With more organisations migrating to the cloud, many are opting for an X-as-a-Service or outsourcing what was once technology and IT service delivered internally.
What does network security look like, when a company outsources its IT infrastructure needs to a company like, say, AWS, Azure, or Google Cloud?
Heng Mok, chief information security officer for Asia-Pacific and Japan at Zscaler observes that the architecture when organisations move to the cloud is significantly more distributed and fluid.
He concluded that this means that both the infrastructure and assets are no longer static in nature and are much more dynamic.
“With digital transformation, in which business increasingly takes place over the internet, comes an expanded attack surface. Security must be embedded into this new connective tissue for the business to be protected closer to where most users and business assets are now cantered. It also means that the Security-as-a-Service model is required to run and operate at the same speed as the business,” he added.
Drivers for adoption of SSE
Gartner coined the term SSE back in 2021, I believe. What do you think precipitated the creation of SSE? What’s driving the need for SSE? Don’t existing solutions like VPN already do the job?
Mok says securing cloud apps and mobile users is difficult with traditional network security approaches. He attributes this to several factors including legacy technologies that are anchored to the (on-premises) data centre, and in some cases, have difficulty following connections between users and cloud applications.
Traditional network security approaches also relaying ("hairpinning") user traffic to a data centre via traditional VPN for inspection slows everything down. Also, administration and hardware maintenance make traditional data centre approaches expensive. In addition, legacy VPNs are unable to keep up with increased demand and have fatal architecture flaws.
“To make matters worse, today’s data centre security stacks have organically grown into complex, difficult-to-integrate collections of point products. This complexity inherently leaves gaps between disparate security solutions, further increasing the risk of advanced threats or ransomware attacks."
Heng Mok
As the migration to the cloud continues, Mok believes that SSE components can easily follow users and proxy their connections into destinations, regardless of whether the destination is the internet, a SaaS application, or a private application – alleviating the security challenges faced by organisations on a traditional network.
“As organisations transition to cloud-first and cloud-only organisations there will be a natural transition to replace legacy on-premise capabilities such as firewalls, secure web gateways and VPNs,” he added.
Given that technology, including security, continues to evolve, how do you architect a network security strategy to be future-proof and resilient, given that future technologies and circumstances are still unknown today?
Mok suggests adopting a layered defence-in-depth strategy that cuts across multiple layers of the organisation. The goal is to ensure visibility across the entire organisation so if the protective controls do fail then the ability to respond and contain is effective.
“From a process perspective, this calls for continually accessing your organisation’s threat and risk profile and feeding that into continual controls testing processes,” he added.
One last piece of advice: “Make the hard decision to replace a control if it is not effective,” he concluded.
Click on the PodChat player and hear Mok provide further details on how organisations can future-proof their network security strategies.
- What does network security look like when a company outsources its IT infrastructure needs to a company like AWS or Azure or Google Cloud?
- Gartner coined SSE in 2021. What do you think precipitated the creation of SSE?
- What’s driving the need for SSE? Don’t existing solutions like VPN already do the job?
- Looking at the security architecture of an organisation, what will SSE replace? What will it complement?
- Can you cite up to three misconceptions (FUD) against SSE?
- As organisations look to adopt zero-trust in their security framework, how do you see SSE being impacted by this?
- Given that technology, including security, continues to evolve, how does a company architect its network security needs to be future-proof and resilient when future technologies and circumstances are unknown?