A new study examined Security Service Edge (SSE) adoption, and the role it plays in establishing a zero-trust architecture. According to the report, SSE’s popularity is reflected in the fact that 71% of cybersecurity professionals are familiar with it, despite it only being around for about two years. In fact, SSE ranks above single sign on (SSO), multifactor authentication (MFA), endpoint security, and Security Information and Event Management (SIEM) in the minds of IT executives as a key technology in the achievement of zero trust. That’s why 65% of organizations plan to adopt SSE in the next 24 months, with 43% planning on implementing before the end of 2023.
Zero trust is all about securing endpoints, applications, IT infrastructure, and data based on the assumption that any network or endpoint is always at risk of either internal or internal attack. Accordingly, zero trust means individuals are not automatically trusted just because they are on the network. They must prove who they are and are given limited access to only the systems they need. The same applies to devices. Zero trust verifies machine identities and picks up changes such as the browser being used for access. In essence, all devices and identities are not trusted and are denied access to corporate assets until they can meet a defined set of criteria.
SSE has quickly become a top strategic initiative for organizations due to the role it plays in Secure Access Service Edge (SASE) adoption and successful zero trust implementations. The study found that 67% plan to start their SASE strategy with an SSE platform, compared to 33% with SD-WAN. Why? SSE is seen as more secure while also bringing gains in terms of cost reduction and productivity.
An area of confusion emerged in the study – access complexity. Researchers found that 63% of enterprises have at least three access security solutions in play. Nearly a quarter leverage six or more access solutions. As well as raising costs, management complexity, and taking up IT time, this mess of access applications inevitably leads to security holes. Cybercriminals are eager to exploit any areas where access controls are weak or missing. Users of legacy access solutions, in particular, believed their top challenge was that their current platforms granted too much inherent trust to users. This goes against the grain of the zero-trust mindset.
The survey showed that SSE services are seen as providing a means of reducing costs. The top two legacy solutions that enterprise security teams will look to replace with SSE in the coming year will be VPN Concentrators (63%) for VPN, SSL inspection services (50%), Distributed Denial of Service (DDoS) (44%), and data loss prevention (DLP) services (42%).
Implementing Zero Trust in the Enterprise
Security vendors are coming to market with all manner of tools aimed at achieving zero trust goals. The latest version of Syxsense Enterprise forwards these goals via an integrated Zero Trust module. By using Syxsense for vulnerability detection management and remediation, organizations have no need to add additional products or tools to achieve zero trust protection. Further, Syxsense Enterprise consolidates different tools for patching, vulnerability scanning, remediation, mobile device management (MDM), and zero trust in one unified platform. It blocks users on untrusted devices, automatically triggers actions to prevent breaches, and enables endpoint compliance using Zero Trust Network Access policies (ZTNA).
The Syxsense Zero Trust module, then, serves as a trust evaluation engine for endpoints. Security teams can use it to build sophisticated access policies, apply fixes and remediate issues in real time to enable (or block) access. In addition, remediation of non-compliant endpoints includes automation to take care of tasks such as deploying an urgently needed security patch, updating the anti-virus signature database, and alerting IT about unauthorized access attempts.
For more information, visit: www.syxsense.com