The adoption of Secure Access Service Edge (SASE) has become a strategic imperative for organisations in the Asia-Pacific (APAC) region, and aims to bolster cybersecurity, improve network performance and enhance business agility.

The case studies in the qualitative research commissioned by S&P Global Market Intelligence on behalf of Verizon Business Group¹ shows a timeline of APAC organisations’ journeys.

Source: Shutterstock

“We learned that the global pandemic was an accelerant of digital transformation that underpinned a broad spectrum of readiness and capability for customers. Initially, they were compelled to change their operating environments very rapidly, then many went through a process to understand and appreciate the value they can unlock from that transition by migrating to a SASE environment,” said Rob Le Busque, Regional Vice President at Verizon APAC.

“We see the adoption of SASE continue to accelerate among enterprise and government customers in this region for two reasons. First, there is an intrinsic cost benefit to moving to SASE architecture. Second, the cyber attack surface is increasing and becoming more complex; SASE provides the ability to containerise applications or servers under attack,” said Le Busque.

Delivering outcomes from SASE

The research revealed the value for CIOs in examining the differences between a project’s expected outcomes versus the reality. For SASE, many expect reduced risk, cost savings and improved productivity and/or user experience.

While most participants with complete (or nearly complete) SASE projects reported that they achieved their expected outcomes, they also discovered some unexpected results.

For example, a large mining and metals organisation in Singapore reported: “One unexpected benefit of a SASE framework is to have synergies and convergence of interests between infra/network and security where usually it is a fight between what performance/user experience versus security constraints will be considered (which is rare enough to be highlighted!). Here we have a common ground where both can be conciliated.”

Effects of SASE on the overall digital transformation journey

While most participating organisations in the research did not consider their SASE deployment a part of a larger digital transformation initiative, some said that SASE helped their larger transformation project by reducing risk and simplifying user experience.

“We started off with streamlining connectivity and the effort that spearheaded the related identity and access management projects are now supporting almost all the other applications as well. So, yes, there was an acceleration effect in our DX journey,” said a regional information security manager for a large IT services firm in Australia.

“We hear from our customers that SASE shortened provisioning times and access to networks on traditional VPN architectures. This solves the first principle issue of connecting dynamic users to dynamic applications. SASE provides capability and uplift to do that as organisations,” said Rob Le Busque.

Key benefits from SASE, according to the research, included:

• Unified security architecture,
• Enhanced user experience,
• Scalability and flexibility,
• Improved compliance and governance.

Source: Shutterstock

Identifying top SASE deployment roadblocks

Several themes emerged regarding the barriers participants encountered and expected to encounter during SASE implementation.

Technical debt was most cited as the barrier to overcome before gaining the rewards of SASE. “You need to invest time up front to fully understand all aspects, rather than piecing it all together in a troubleshooting mode during project implementation,” said a CIO of a large Hong Kong-based Insurance organisation.

The main deployment roadblocks included:

• Legacy infrastructure challenges: Legacy systems and outdated network architectures pose integration challenges during SASE adoption. CIOs should address compatibility issues, data migration complexities, and ensure integration with existing IT environments to maximise the benefits of SASE while minimising disruptions to business operations.
• Skills gap and talent acquisition: The shortage of skilled cybersecurity professionals and network engineers is a significant barrier to effective SASE implementation. CIOs should invest in talent development, upskilling initiatives, and partnerships with managed security service providers (MSSPs) to bridge the skills gap and build internal expertise for managing SASE solutions effectively.
• Change management and organisational alignment: Implementing SASE often requires cultural and organisational changes to move to a Zero Trust security model, including the adoption of agile practices, and increasing collaboration between IT and business functions. CIOs must address resistance to change, communicate the benefits of SASE to stakeholders and align the organisation’s goals with security and digital transformation initiatives.

Lessons Learned from SASE Implementation

The final section of the study focused on gathering participants’ insights they gained during a SASE implementation project.

• Needs assessment: Participants noted the need for a strong requirements framework and business case development before initiating the project. They recommended taking a ‘security first’ approach and advised prospective implementors not to run SASE implementation like a network infrastructure alteration. They cited the importance of obtaining support from key stakeholders and establishing strong governance structures.
• Upskill, plan and prepare: Participants emphasised increasing internal competencies and resources in advance. A common theme was the importance of understanding the data, application and device assets involved in or affected by SASE.
• Vendor/partner selection: Study participants recommended focusing on vendor competencies, examining specific SASE requirements and comparing vendor claims versus actual competencies, although they reported this was difficult. Participants also mentioned the importance of using a tried-and-tested partner and establishing strong vendor and partner relations.
• Deployment planning: Respondents said using a standardised deployment model was particularly important, as well as planning and scheduling the rollout.

Conclusion

SASE implementation offers significant outcomes such as unified security, enhanced user experience, scalability and compliance for organisations in APAC. However, barriers such as legacy infrastructure, skills gaps, and resistance to organisational change require planning, talent development, and effective change management.

By learning from industry best practices, and emphasising user-centric design and continuous monitoring, CIOs can collaborate with CISOs to successfully navigate SASE adoption, strengthen cybersecurity resilience, and drive business agility.

Download the full report to read the findings in detail, and to talk to an expert on SASE deployment best practices and technologies, contact a Verizon representative near you.

¹ “SASE Enables Zero-Trust Networking, Improves Business Agility, Reduces Costs and Streamlines Digital Transformations”

The post Enhancing Business Agility with SASE: Insights for CIOs in APAC appeared first on Tech Wire Asia.

A change is occurring in how organisations secure their network perimeters, users, applications and data. Secure access service edge (SASE) is starting to disrupt traditional approaches to networking and security, and is giving IT professionals an opportunity to fundamentally reimagine how they design their network and security architectures.

Previously, enterprise network architecture was based on discrete silos of network and security controls, with remote access provided via virtual private networks (VPNs). These approaches are being rapidly replaced by SASE and zero-trust network access (ZTNA) architectures.

Source: Shutterstock

Getting SASE right can be a complex proposition that presents significant challenges. While major elements that make up SASE have been around in some form for at least 10 years, it is still an evolving technology.

A case study in SASE Success: India Insurance Company

As part of the research commissioned by Verizon Business to help companies cut through the noise to get a true picture of obstacles and opportunities in implementing SASE, S&P Global Market Intelligence conducted 10 in-depth interviews with decision makers and those purchasing SASE technology.

One successful SASE implementation case study was shared in an interview with a VP at one of the largest insurance companies in India, which we will refer to as “IIC” (India insurance company).

“The primary driver [for SASE] was the pandemic. Before, we had a traditional bricks-and-mortar office infrastructure. When the pandemic hit, everything was being provisioned by the company. There was no way to use ‘bring your own devices (BYOD) – only company-owned, hardened machines could be used […] which took 10-15 days to provision,” he said.

Suddenly, many users, particularly contractors, did not meet security requirements because controls were not designed for off-site workers. In response, IIC implemented a SASE project focused initially on data access, followed by applications.

“Now, we can fully support BYOD, which was the hardest problem to solve. We were forced to go with an agentless approach, through an outside portal […] new employees and contractors are now productive from day one instead of waiting for their machine to arrive,” said the respondent, an Executive Vice President and Head of Business Systems and Infrastructure at the IIC, which currently employs over 10,000 people..

The company could immediately improve the user experience, meet remote worker security and compliance requirements, and improve productivity by supporting BYOD, which enabled employees and contractors to begin work immediately.

What is driving SASE adoption?

Some compelling factors driving SASE adoption are the size and maturity of organisations. For more mature, technically sophisticated enterprises, SASE implementations are motivated more by business and digital transformation needs than technical requirements.

Common business drivers include improved business agility, cost reduction, support for hybrid work (office-based and remote workers), improved end-user experience, reduced threat impact and risk, improved compliance and competitive pressure.

Source: Shutterstock

Larger organisations, especially those with over 10,000 employees, tend to suffer from technical debt and incompatible legacy systems that slow down deployments. Conversely, smaller organisations tend to adopt solutions faster and can often source the entire SASE stack from a single vendor.

Common technical drivers include network, security, IT modernisation and simplification, and simplified management of rapidly growing networks.

Key considerations for implementing SASE

Research participants indicated a variety of deployment approaches. None indicated embarking on a “big bang” implementation: some organisations rolled SASE out to high-risk users and apps first, while others chose lower-risk users and applications.

For example, some organisations with high short term risk exposures, such as the potential for breaches or failing compliance audits, chose to solve the issue for those groups first. Others, less concerned about short-term risk, took a more conservative approach like deploying to staff already using modern cloud apps.

“It was all about basic access first to support the remote workforce. Subsequently, it was about business-critical targets and high-risk estates, with quick wins peppered in between,” said one respondent, a Regional Information Security Manager for a large Australian IT services company.

“Any users who can migrate without losing any access to unsupported apps naturally will do so. This provides a faster, better user experience that rewards the user to move to SASE. They were excited to move away from VPN and use [it] as a […] fall-back plan,” said another, a Regional CISO at a large Singapore engineering firm.

Overall SASE projects vary in duration (from initial sign-off to production) from 6-12 months to over three years. Nearly half (45%) of all respondents indicated durations of 12 months or less; another 45% fell in the 13 to 36 month range; and the remaining 10% indicated more than three years to complete a SASE implementation.

In Asia Pacific, only one-third of participants indicated that SASE was deployed as part of a digital transformation initiative, as compared with three-quarters of their counterparts in Europe.

End matters

In the next part of this article, we’ll be looking more deeply into the study’s results, and getting the thoughts of Rob Le Busque, Regional Vice President at Verizon, APAC. In the meantime, head to this page to learn from the experiences of enterprises who have already migrated to SASE, detailed in the report produced in collaboration with S&P Global Market Intelligence.

Continue your exploration of SASE adoption with Part 2 of this feature, which will cover in-depth study results and insights from Rob Le Busque. Check back in the coming weeks for the next instalment and in the meantime, you can explore the research and business impact briefs for comprehensive insights at the following links: Research | Business Impact Briefs.

The post Deploying SASE: Benchmarking your approach appeared first on Tech Wire Asia.

SASE – Secure Access Service Edge – first emerged in 2019 but has risen to prominence in recent months. According to Cognitive Market Research, the SASE sector was valued at US$1.92 billion in 2022 and will reach US$6.57 billion by 2030. This equates to CAGR growth of more than 25 per cent, and is a good reason to take a closer look.

Source: Shutterstock

While it has not yet expanded into common lexicon, Robert Le Busque, regional vice president for Verizon Business in Asia Pacific, says it’s only a matter of time.

“We haven’t yet seen 2023 become ‘the year of SASE’, but we’re definitely entering an era of SASE architecture,” Mr Le Busque said. “It’s not a trend that will be here for 18 months then move on; it will be the defining architecture for the next five to ten years.”

Varying degrees of readiness

According to Mr Le Busque, organisations in the Asia Pacific region are leading the way in the implementation of SASE in many ways. But the level of adoption varies depending on the sector and maturity of their network architecture lifecycle.

Many organisations moved towards software-defined networking (SDN) more than six years ago, which provided a boost in digital transformation funding for the region. Those early adopters of SDN are now well prepared to move to a SASE architecture.

“Some organisations are already well advanced in cloud migration at scale and were already preparing to move to cloud network architectures,” says Mr Le Busque.

“We are seeing pockets of early adoption within Singapore, Malaysia, parts of India and parts of Australia. Interestingly, countries that have not been as far advanced in cloud network architectures – such as Japan – are now catching up very rapidly.”

The benefits of SASE

Any company with a significant number of remote workers will benefit from adopting SASE architectures, as it makes secure connections faster and more resilient. It also provides advanced network security and scalability that is fit for purpose to combat modern-day cyber threats.

One example of this can be seen at a large global healthcare company that employs tens of thousands of staff distributed across the globe and spans a number of business units, each with its own teams, technologies and security policies.

Source: Shutterstock

The company wanted to improve security and harmonise its processes and technology, so it turned to SASE and Verizon’s network-as-a-service offering. First trialled in one business unit, SASE eventually enabled this healthcare company to provide staff with secure internet and application access through mobile devices from anywhere, as well as access to IT resources on both physical and cloud-based servers, all through one tech stack and one service desk.

Choosing the best SASE approach

Currently, most SASE solutions will involve a range of providers offering their individual services.

According to Mr Le Busque, companies can currently choose between implementing a single stack from a single vendor or a best-of-breed offering with a range of services from different vendors.

“Ultimately, organisations that need to scale and have increasing levels of complexity are more likely to go for the best-of-breed stack they build and manage and define themselves,” says Mr Le Busque. “Those with less sophisticated, single-stack network architectures can drive simplicity and cost out of the model.”

Why Verizon?

Verizon has helped its customers to transform their networks and core architectures for 25 years and is now leading the way on SASE.

“We’re now helping companies figure out what multi-cloud and industry-access cloud architecture they need, and what they want is secure-by-design, cloud-ready and agile,” says Mr Le Busque.

Discover how SASE can benefit your organisation with Verizon today.

The post The era of SASE is beginning appeared first on Tech Wire Asia.

The Covid pandemic brought with it a huge uptick in remote working and the movement of apps to the cloud. These trends continued through the worst of the health crisis and into the post-Covid world.

And while the remote working, cloud-dependent model brings enormous benefits with it, it has also made it significantly more difficult to properly protect a network.

The number of companies facing this dilemma, in the presence of increased cyberthreats, will likely begin an economy-wide switch from the ‘castle and moat’-style protection of software-defined WAN capabilities to a new concept known as Secure Access Service Edge (SASE).

This is a network architecture that combines WAN capabilities with comprehensive network security services, including a secure web gateway, a cloud access security broker, zero-trust network access and firewall-as-a-service.

Source: Shutterstock

While SASE has been around since 2019, it has risen to prominence as a cloud-native security solution in the last year. The approach offers a simple cloud-based solution to combat the rising security risk, reducing the amount of physical hardware necessary for a robust cybersecurity system.

At its core, SASE allows companies to create a unified, cloud-delivered service model that supports dynamic, secure access. That creates a new pathway for building networks, which makes it easier to connect resources and workers wherever they may be located. Once you can do that, you benefit from more flexible networking and improved application performance.

SASE helps organisations meet their business goals, too. If implemented correctly, it works to reduce risks and may help to reduce costs, while allowing businesses to scale dynamically. Because it simplifies operations and the addition and removal of users, this network architecture approach can also help simplify Merger & Acquisition (M&A) activity.

The approach can also help optimise network resources. Using SD WAN, deployment can be swifter than legacy network technologies and it enables network bandwidth to be shared and utilised across the network more efficiently.  It also helps security teams to scale security policy holistically, ensuring a consistent, identity-based approach to application and data access, regardless of where the user is located.

Get the lay of the land

The revolution is only just beginning. According to Gartner^®1, by 2025, 80% of enterprises will have adopted a strategy to unify web, cloud services and private application access using a SASE/SSE architecture, up from 20% in 2021.

But is SASE right for your organisation?

There are several critical elements to investigate to determine your answer to this question and discover whether SASE can offer your business the way forward to network security.

Firstly, it’s important to audit your organisation’s current secure network capabilities and WAN and security technology investments. This can help determine whether now is the right time to make the move towards SASE.

Source: Shutterstock

Organisations that have recently invested in their existing network and network security solutions may decide that now is not the best time to jump on board the SASE train. However, it could be perfect for those facing the challenges of legacy networks in terms of cost and complexity.

Another important factor to consider is how many employees work from home or in a hybrid capacity. SASE is particularly effective at ensuring secure access for workers wherever they are, making this approach very useful for organisations with large remote workforces.

Plus, if your organisation is large, it can suffer from inconsistent security policies across different departments, leaving holes in the cyber posture. SASE helps to close those holes by providing a unified and comprehensive security framework.

Define the problem

Before beginning the transition to SASE, it’s essential to map out the challenges you hope to solve with this new model.

In most cases, complexity and costly networks that do not provide adequate security are good starting points. Another consideration is whether your organisation has a hybrid or remote workforce, as a SASE approach will make it easier to onboard new home-workers.

Broad support and broad expertise

Taking a new network approach is a significant decision, which may prove challenging initially, so securing buy-in from executive leadership is a critical success factor.

Engaging C-level and board support will provide the necessary momentum to allow a positive “trickle-down” effect throughout the rest of the organisation to assist in the transition.

A final factor in gaining support for this change will include assessing whether your enterprise has the broad range of expertise necessary to make the shift to SASE.

No “one-size-fits-all” approach

A modern SASE solution will involve a combination of technologies and offerings that will need to be integrated to deliver a customised solution to an enterprise’s networking needs.

According to Gartner’s research¹, by 2025, one-third of new SASE deployments will be based on a single-vendor SASE offering, up from 10% in 2022. By 2025, 65% of enterprises will have consolidated individual SASE components into one or two explicitly partnered SASE vendors, up from 15% in 2021.

The SASE revolution is coming, and coming fast, so now is the time to determine whether your company is ready to get on board and to understand the advantages it will bring. Find out more about what you can do with Verizon here.

¹Gartner, Market Guide for Single-Vendor SASE, Neil Macdonald, John Watts, Jonathan Forest, Andrew Lerner, 28 September 2022.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

The post Are you ready for SASE? appeared first on Tech Wire Asia.