Cybersecurity strategies for years have been grounded in protecting the perimeter of the corporate network. Yet, as nearly every organization learned during the COVID-19 crisis, that perimeter no longer exists. Nearly all new software functionality is now deployed as a service (SaaS) that people access from a multitude of locations and devices. No company has the luxury of containing the enterprise IT environment within its four walls anymore.\n\nThe pandemic also exposed the limitations of virtual private networks, which enable remote access to secure computing resources. A VPN lets employees \u201ctunnel\u201d in through the corporate firewall using an encrypted connection that rides on top of the public internet. But during massive lockdowns, VPNs at many companies were overwhelmed by surges in demand that slowed traffic to a crawl. Even more alarming was when frustrated users disconnected from the VPN entirely to log in to their SaaS applications, thus bypassing any of the security controls and increasing the overall threat surface.\n\nThe rise of the secure access edge\n\n\n\nA perimeter-less environment demands a new approach to cybersecurity. \u201cJust a few short years ago we would talk about remote access for short periods due to travel, and typically for a small proportion of the workforce,\u201d said Anand Ramanathan, chief product officer, Skyhigh Security. \u201cToday we are adapting to a vast, permanent work-from-anywhere cultural shift.\u201d\n\nThree years ago, Gartner coined the term Secure Access Service Edge (SASE) to describe an architecture that combines software-defined wide-area networks (SD-WANs) with a portfolio of cloud-based security tools \u2014including secure web gateway (SWG) cloud access security brokers (CASB), and zero-trust network access (ZTNA).\n\nThe goal of SASE is to shift from traditional perimeter protections to identity-based controls that securely connect people with data and applications from any device and location, even when they aren\u2019t on the VPN. Gartner predicts that more than 40% of enterprises will have SASE in place or progress by 2024, up from fewer than 1% at the end of 2018.\n\n\n\nIntroducing Security Service Edge\n\nTransitioning to a full SASE environment is a long process for large enterprises. Recognizing that all-or-nothing approaches are impractical at a time of urgency, Gartner proposed splitting the security and SD-WAN components and unifying the former under the banner of Security Service Edge (SSE).\n\nSSE brings together the elements needed to secure access to websites, cloud services, and internal applications in a way that yields immediate benefits in the form of reduced risk, cost and complexity while allowing organizations to fold in the SD-WAN components at their own pace.\n\nThis prudent approach has several benefits to customers. No single vendor can deliver the full functionality required of a complete SASE. Splitting SSE apart from SD-WAN enables network and security vendors can focus on their respective core competencies rather than trying to be all things to all people. The approach also speeds time-to-market, since vendors can deliver \u2013 and users can implement \u2013 individual components faster, and thereby realize more immediate results.\n\n\u201cA tightly integrated SSE solution can address the management challenges of setting up policies in multiple vendor management interfaces by deeply integrating security controls to reduce overhead, complexity, and cost, while increasing performance,\u201d Ramanathan said.\n\n\n\nConvergence of Security Solutions\n\nA converged security approach to SSE is badly needed. By most accounts, the average enterprise uses between 50 and 100 different security products. The highly fragmented nature of the security industry means that few of those products talk to each other, so the task of integrating them has been mostly left up to the customer.\n\nThe key business goal of SSE is to protect applications and data by building a pervasive cloud edge that spans all manners of accessing these applications and data. An SSE solution delivers this pervasive edge and enables organizations to apply consistent data protection and threat prevention policies across their entire estate, including users, devices, locations and applications. Under the covers, SSE is the convergence of Cloud Access Security Broker (CASB), next-gen Secure Web Gateway (SWG), Zero Trust and DLP technologies delivered via a single global cloud fabric \u2013 with consistent policy and incident management. Each of the closely integrated components provide coverage over distinct controls points that seamlessly deliver the pervasive edge.\n\nA unified SSE platform helps facilitate:\n\nSSE presents an opportunity for IT organizations to simplify their security fabric by replacing multiple, special-purpose hardware devices with comparable functionality delivered as cloud services. It simplifies a chaotic mix of point products and ensures security outcomes while making it simpler for business users to access the resources they need. It\u2019s a cybersecurity reboot at just the time IT organizations need it most.\n\nClick here to read more about how SSE can boost your cybersecurity strategy.