As a CIO it is very easy to get “new-acronym-deafness.”
New innovations need new words and name-tags to identify them, and while analysts work hard to provide benchmarks and standardised definitions, it can be hard to keep up. At Netskope we know how confusing it can get, because sitting at the vanguard of emerging categories means we have had to do our fair share of explainers and re-labelling over recent years.
There’s a wealth of information on our website explaining security service edge (SSE), secure access service edge (SASE) and zero trust. But as a CIO, overseeing huge transformation projects, sometimes there isn’t time to do much more than develop a basic literacy in new terms and trust project teams to do the in-depth research into vendor nuances and potential pitfalls.
With that in mind, I thought it would be useful to pen a quick cheats guide to SSE for my CIO peers. I want to highlight the four benefits you need to know about SSE that will determine you to task your team to go and work out your organisation’s next steps.
- SSE is the modern approach to security in an age of digital and cloud transformation, and uses cloud-based and data-centric security, which means user and data location are no longer limiting factors. Users and data can be secure regardless of location or access device so you no longer need to create and fund separate projects to support remote workers, or re-architect overnight in the event of major business disruption (such as we saw in 2020)
- SSE is cloud-native, which means—in essence – it speaks the language of cloud applications and data traffic. These languages are API and JSON and when security can understand these, it allows for a deep contextual understanding of data types and usage, meaning policies can be designed with much more granularity than simply allow/block. This means security teams can enable more—including business teams sourcing their own cloud services for productivity—without opening up undue risks
- Building on the point above, Netskope’s data puts the percentage of unauthorised cloud apps in use within organisations as high as 97%, and organisational efforts to curb this will always be either fruitless or so heavy-handed they obstruct business productivity. Securing the data, rather than the application, means security visibility (and policy) does not only include managed applications. Business units can innovate and find productivity gains without always wading through time-intensive security authorisations that can take months before an application is allowed to be useful.
- Rather than requiring increased investment during a time of economic uncertainty, security transformation, including SSE, actively reduces overheads. Organisations are reporting savings of millions of dollars as they find cost benefits through vendor consolidation and technology management integration, as well as a significant reduction in networking overheads because security is applied inline and everything no longer has to route back to appliances in the data centre. In fact, 79% of European businesses already report savings from cloud security
Now, if that’s caught your attention and you did want to know more (or you want your teams to know more), I highly recommend this guide to SSE for Dummies.