How SASE Helps Overcome Remote Access Challenges

The ability to access corporate resources from a remote location has always been a business lifesaver and game changer, especially since the Covid-era. Although VPNs are one of the most popular means of remote access, they can be vulnerable and face latency issues when they reach capacity. Director of technology evangelism, Dave Greenfield of Cato Networks, explores the scalability and upside SASE presents for remote access. 

Though hard to believe, prior to the pandemic, only a scrimpy five percentOpens a new window of work was being done from home. Around mid-2020, this number rose to 60%. Fast forward to 2023, and while remote work may have stabilized at around 25%, full-time white-collar office work is definitely a relic of the past. 

As more employees access the corporate network remotely, it is introducing some serious challenges for cybersecurity teams. Let’s understand these in a bit more detail.

Current Methods of Remote Access Are Not Secure and Scalable

Virtual private networks are one of the most popular means of remote access. However, it is not designed around a 100% remote workforce. It has a predefined capacity, and if the amount of users connecting to the VPN server exceeds this capacity, its performance suffers, and user experience gets impacted. The only way organizations can overcome VPN performance issues is by upgrading existing infrastructure, something not always feasible because VPNs can be prohibitively expensive. Not to mention the added complexity that comes along with adding more hardware. 

VPNs are also prone to security problems. They have numerous vulnerabilities: on the MITRE CVE databaseOpens a new window , there are currently 645 known VPN vulnerabilities bad actors can exploit to launch attacks. VPNs also lack granular controls, which means that once a user authenticates, they get blanket access to everything that’s on the same subnet; from a security stance, this can be extremely dangerous. 

Remote desktop protocol (RDP), the second most popular means of remote access, is also prone to security risks. Adversaries are known to use online scanners to discover internet-exposed devices and then harvest stolen credentials for remote access services or vulnerabilities in RDP to gain access into organizations. RDP is also one of the most common methods cybercriminals use to deploy ransomware. 

See more: Managing the Technology Challenges of a Distributed Workforce

The Internet Is the Corporate Network

One of the major shifts that has happened over the past decade due to growing public cloud usage is that the corporate network is no longer an on-premises ecosystem. A majority of employees access computer resources and applications that are hosted outside the corporate network (i.e., on the public cloud). As a result, the traditional perimeter approach based on the castle and moat model is practically obsolete. 

Security teams no longer have visibility or control over data and applications that are outside of the traditional perimeter, making remote access meaningless. Studies show that 98%Opens a new window of organizations are using some form of cloud service, which is why attackers are increasingly targeting cloud networks. Cyberattacks on cloud infrastructure grew by 48% year-over-year in 2022. Furthermore, as 5G connectivity proliferates, public cloud usage will become even more common, and the corporate network as we know it will look very different from what it looks like today.

Security Teams Must Redesign Remote Access around this New Normal

Remote access isn’t what it used to be. Today’s employees could be working from anywhere, accessing resources anywhere in the cloud, making physical, perimeter-based approaches an outdated concept. This new normal calls for a new approach to the perimeter and remote access that is more scalable and secure than traditional approaches and this is where SASE (secure access service edge) comes into play. 

SASE (pronounced “sassy”) is a relatively new architectural concept that combines the power of software-defined wide area networking (SD-WAN) and security into a single, unified cloud service to deliver secure and reliable remote access to users regardless of what location or the type of network they are connected to. There are a number of benefits of this approach from a remote access perspective:

• Scalable remote access: SASE utilizes a cloud architecture and therefore supports rapid scaling without the need or cost of adding additional hardware. Users simply install one application or agent and can access resources securely from anywhere, only using their corporate credentials.
• Performance: SASE improves remote access performance by inspecting traffic right near the user’s location (a.k.a. points of presence or PoP) and then sends traffic back out to other locations across the SASE private backbone instead of the unpredictable internet. This improves performance for high-latency applications such as VoIP and video. 
• User experience: SASE reduces the number of agents and applications that are required for remote access in a traditional network, replacing them with a single application that delivers consistency, regardless of user location or the resource being accessed.
• Convergence: In contrast to a multi-vendor approach where different locations use different security appliances, SASE is about convergence. This reduces security complexity but provides visibility and control over users and applications.
• Security: Administrators can define granular access controls and allow or restrict applications based on user profiles, compared to VPNs, where users get blanket access to everything once they’re authenticated. SASE consolidates a wide range of standard utilities, including endpoint security, firewall-as-a-service (FWaaS), secure web gateway (SWG), cloud access security broker (CASB), and zero trust network access (ZTNA) into one combined service. This contrasts with environments that are technically disjointed with multiple security silos that do not communicate with each other. 

GartnerOpens a new window predicts that total worldwide spending on SASE will reach $9 billion this year, representing a 39% increase from 2022. As remote working trends and shifts to cloud computing gather pace, one can certainly predict how SASE is poised to become the future of remote access. 

How are you responding to the SASE revolution? Tell us about it on FacebookOpens a new window , TwitterOpens a new window , and LinkedInOpens a new window . We’d love to know!

MORE ON SASE

• What is SASE (Secure Access Service Edge)? Meaning, Working, and Benefits
• SASE Is Greater than the Sum of its Parts
• Hype or Help: Should Organizations Rely on SASE for Network Operations?
• Radically Enhancing SASE Orchestration through Consolidation and Automation
• Why SASE Will Help the New Norm of Working Together