SASE-Delivered Cyber-Security for Small-Medium Enterprises (SMEs)
CMO, Versa Networks
January 14, 2021
SMEs are the most cost-conscious of organizations; there’s no money for large IT teams, nor for stacks of single-purpose boxes per location: it adds up quickly with more locations. Direct Internet Access (DIA) has been a life-saver (read: cost-saver). Employees using their own tablets, smartphones, and laptops has phenomenally brought down user device costs and headaches—employees even upgrade and refresh their devices themselves! Cloud applications are another absolution: no more servers, OS upgrades, boxes, more boxes, slow performance—with SaaS you pay-as-you-go and instantly scale up/down.
All this economical convenience came with a huge concealed handicap: security. DIA, BYOD users, and cloud access impose a giant increase in your enterprise’s attack surface. Hackers have never had it so easy.
SASE technology/architecture is the vaccine for this pain, securing assets and users while allowing you to leverage the cost-savings. Let’s think through this together.
What makes current SME network security architectures inadequate?
- Many SME employees work remotely or from home. In the 2020 covid19 environment, almost 100% do. But home and mobile locations are fraught with security risks, they’re outside your network perimeter.
- Hackers are more sophisticated than ever, targeting the weakest link: your employees. Their email, personal devices, the status of OS patches and anti-virus software (or lack thereof), unchecked internet visits—this is how malware gets into the corporate environment today. Those same unprotected devices access your corporate resources and assets.
- Your cloud applications are distributed regionally or globally—near-impossible for your [tiny] IT team to keep up with maintaining security, control, visibility, and performance.
Why should SMEs start redesigning their networks?
- For many SMEs, the Covid19 pandemic was a wake-up call, thrusting them into an uncomfortably unfamiliar environment. Those who have maintained business continuity already had a plan for digital transformation.
- The distributed workforce model of covid19 has permanently altered the playing field. Successful SMEs are now role-models highlighting coping strategies.
- Secure SD-WAN with SASE brings security not only to the application sources (cloud) but also to where the applications are consumed (employees’ unmanaged devices).
What trends, other than Covid19, contributed to SME adoption of SASE?
- SMEs have shifted to the cloud en masse: the elastic SaaS model is ideal. SASE moves security to the cloud where the applications live, instead of dragging application traffic down to the data center where [traditionally] security was enforced. Cloud SASE delivers excellent performance and efficiency. As well as security.
- Cloud-delivered SASE is cost-effective: no boxes; no per-location cost; immediate availability for new users, applications, or sites; ubiquitous access.
- BYOD overstretched SME IT teams. So many platforms, so many devices, no control, countless OS versions—tracking alone is a nightmare. Cloud-delivered SASE enforces a full security suite for all vulnerabilities, all devices, and all assets.
What are the benefits of cloud-and-network-integrated security?
- Convergence brings security to where the transactions are—the sessions, the packets, the data. Increasingly in the cloud.
- SASE can also be implemented on-prem or for the mobile/home office—wherever it’s needed.
Why should SMEs implement SASE?
- Planning or doing digital and cloud transformation mandate SASE; if not today, then in the near future.
- Threat vectors have changed; hackers target the least secure component. Long ago Windows was dominant, but now other OSs have sufficient market penetration to be profitable hacker targets.
- Ubiquitous Internet access points: everybody’s home, device, cellular; DIA is inexpensive for SME sites and mandatory for mobile/home workers—but Internet access completely lacks security.
How can SMEs begin to adopt a SASE networking approach?
- It’s really incredibly easy: start with something you already have. Versa Secure SD-WAN already has the initial hooks and services.
- If you’re not using Versa Secure SD-WAN yet, start with the zero-trust (ZTNA) Versa Secure Access (VSA) SASE solution. Activate VSA in the cloud, like any other SaaS service: create an account, log in, get a license for 5-10 users and you’re up and running. Download the app to your device, authenticate through existing services like AD and you’re immediately on a secure network, connected to cloud applications through a cloud gateway.
- Expand by adding more services: VSA improves application performance through SD-WAN services such as remediation and FEC, selectively for particular applications, or for certain users or groups like sales or engineering. After that maybe add SWG or FWaaS. Cloud-native SASE allows SMEs seamless insertion and migration, adding services while preserving what you already have.
How does SASE adoption become a game changer as we move forward?
- Early adopter SMEs will have a competitive and business advantage. This technology will have a force-multiplier effect regardless of your business area: retail, banking, healthcare, education, or public sector. With SASE you can deploy better, faster, improved services at a reduced cost, higher performance, and be better positioned to mitigate the new threat landscape.
- SMEs can easily and instantly add new services: no need to purchase, configure, or deploy any boxes.
- The barrier to entry with SASE is so incredibly low that 2021 is expected to be the inflection point for SASE, with break-away in the 2nd half of the year. For example, look at Zoom adoption in 2020: it’s a SaaS model, and so is SASE. IT can turn it on, or even an individual user can turn it on.