the backing of technology is not a scalable approach.” Fortunately, an emerging array of secure access server edge (SASE) solutions are evolving to provide compliance options to continuously check the compliance status of your data, infrastructure and users against pre-set compliance rules, which can be industry-defined or custom to the customer, explained Nair. SASE technology enables remote work and the use of cloudbased services by shifting the point of security policy enforcement away from the corporate network and applying it wherever users are located. “Today, SASE solutions are also integrating capabilities such as data loss prevention, cloud security posture management (CSPM), user behavioral analytics etc., to help with enforcing the needed compliance standards,” he continued. “For a typical enterprise, business applications are distributed in a multi-cloud environment spanning across their on-prem data centers, infrastructure as a service (IaaS), and software as a service (SaaS),” Nair said. “At the same time, enterprise users have been embracing the hybrid workplace model – to work from anywhere. “Ensuring best application performance in this new normal is possible only with a true secure access service edge architecture,” he added. “We are really seeing the trend where customers are prioritizing SASE investments to optimize for users and apps anywhere, migrating away from the old school MPLS (multi-protocol label switching) networks optimized only for their office connectivity.” According to Nair, “SASE architecture is really the only way you can solve the network security challenge for a hybrid workplace in a scalable, elastic and pervasive fashion.” With SASE, distributed points of presence (PoPs) hosting network security functions such as secure web gateway and firewall as a service are in the proximity to users, whether they are in office or are remote, to allow them to have a secure and local internet breakout experience. “Moreover, only a cloud native architecture as in SASE can help you scale the high throughput needs of secure internet access, which has been growing exponentially – thanks to media rich internet applications and the growth of encrypted web traffic,” Nair said. “The old school approach of having a box-based security solution simply cannot be scalable or pervasive for the user anywhere paradigm.” Identity, Access Management There is also the issue of identity and access management. “When you are trying to cater to your hybrid workplace requirements, enforcing security controls using network parameters such as IP address becomes unviable, as users are on the move,” said Nair. “Instead, the criteria for network and app access need to be based on useridentity and context.” According to Nair, identity and access management (IAM) allows network managers to define access rules to their networks and applications based on who the user is as well as depending on what device, location, time and security posture of the device they are connecting in from. “Using IAM, appropriate levels of access can be authorized to users based on the context to provide them with least privileged access levels to help minimize attack surface area,” Nair added. IAM systems help with centralized auditing and Source: Dell Oro Group 57 REMOTE WORK SOLUTIONS rwsmagazine.com
RkJQdWJsaXNoZXIy NTg4Njc=