Security Service Edge: Do you know what’s best for your organisation?

Security Service Edge: Do you know what’s best for your organisation?

There’s a new acronym that is quickly becoming part of the security lexicon: SSE. But do you understand what it is, and what a converged SSE platform should look like? Pravin Kothari, Executive Vice President, Product & Strategy, SASE, Lookout explains.

SSE, or Security Service Edge, may look mighty similar to Secure Access Service Edge (SASE), and that’s because they are closely related. Briefly, SSE is the convergence of security technologies — Cloud Access Security Broker (CASB), Zero Trust Network Access (ZTNA) and Secure Web Gateway (SWG) being the three most widely recognised — inside the SASE framework.

Gartner recently predicted that: “By 2025, 80 per cent of enterprises will have adopted a strategy to unify web, cloud services and private application access from a single vendor’s security service edge (SSE) platform.”

I completely agree with the prediction by Gartner. I believe that there are new security requirements that have emerged as a result of the wholesale migration to the cloud. When the pandemic forced organisations to go remote in 2020, they scrambled to give users access regardless of where they work and what devices they use. But now that work-from-anywhere has settled in, a bigger challenge has emerged: the protection of sensitive data.

As operations move to the cloud, IT security teams find themselves guarding data that has scattered across data centres, private clouds and software-as-a-service (SaaS) apps, and are accessed by endpoints sitting on networks they don’t manage. But unlike when everything was neatly inside perimeters, they no longer have the visibility nor the controls to protect their data.

Organisations need to streamline their security operations — that’s where SSE comes in. But not all products are made equal. To reduce risk and protect data, organisations need a SSE platform that is built with native data, user and endpoint protection capabilities.

What does a converged SSE platform looks like?

Simple, unified policy enforcement

Security solutions need to be integrated into a unified platform, so that your security teams only need to write policy once and have it apply across their entire infrastructure, whether it be to endpoints, SaaS apps, private apps or email clients.

Deeper and proactive data protection

A robust SSE platform should be able to enable collaboration while securing your sensitive data. You need a platform with native and modern Data Loss Prevention (DLP) that recognises the types of data you have and enforce policies wherever it goes. This includes watermarking or redacting sensitive data within documents. You also need the ability to encrypt content as it gets downloaded with enterprise digital rights management (EDRM).

End-to-end threat protection

In addition to data sensitivity, the platform can detect and respond to threats like ransomware entering your infrastructure or malware present on devices. Your policy enforcement should know the changing risk posture of endpoints.

Deep understanding of users

Not all threats use malware. Data is often leaked by insiders accidentally or on purpose. You will also encounter compromised accounts where credentials are stolen via a mobile phishing attack. You need a platform that has native User and Entity Behaviour Analytics (UEBA) to know when a user is putting your data in harm’s way.

What organisations need is a SSE platform which includes CASB, ZTNA, SWG and endpoint security, and is elegantly built with end-to-end data protection capabilities. It should take into account telemetry data from users, the risk posture of the endpoint they use and the sensitivity level of the data they seek to access. If done right, such a platform will dynamically enforce data protection policies without hindering productivity.