March 8, 2022
Security Service Edge (SSE) Is the Way To Go, but How to Choose?
Gartner® recently predicted that “By 2025, 80% of enterprises will have adopted a strategy to unify web, cloud services and private application access from a single vendor’s security service edge (SSE) platform."*
If you don't know what SSE is, you should read my colleague Sundaram Lakshaman’s breakdown of SSE and Secure Access Service Edge (SASE). The gist of it is that SSE is the convergence of security technologies inside the SASE framework.
I completely agree with the prediction by Gartner. I believe that there are new security requirements that have emerged as a result of the wholesale migration to the cloud. When the pandemic forced organizations to go remote in 2020, they scrambled to give users access regardless of where they work and what devices they use. But now that work-from-anywhere has settled in, a bigger challenge has emerged: the protection of sensitive data.
As operations move to the cloud, IT security teams find themselves guarding data that has scattered across data centers, private clouds and software-as-a-service (SaaS) apps, and are accessed by endpoints sitting on networks they don’t manage. But unlike when everything was neatly inside perimeters, they no longer have the visibility nor the controls to protect their data.
Organizations need to streamline their security operations — that’s where SSE comes in. But not all products are made equal. To reduce risk and protect data, organizations need a SSE platform that is built with native data, user and endpoint protection capabilities.
Not all SSE platforms are created equal
Both SSE and SASE are high profile frameworks, as organizations look for solutions to secure their data amidst their digital transformation, where data is flowing freely between endpoints and cloud apps and circumventing perimeter-based security.
To sell more products, there are now countless vendors marketing their offerings as having some or all of the SSE technologies: Cloud Access Security Broker (CASB), Zero Trust Network Access (ZTNA) and Secure Web Gateway (SWG).
But some SSE products are unwieldy slapped together through various acquisitions in a way that creates risk. Think about the administrative overhead involved with independently configuring and generating policies for each product. Not to mention the near-impossible tasks of keeping up with alerts and updates from multiple consoles that don’t talk to each other.
This strategy often leaves gaps in an organization’s security posture, such as the inability to understand mobile endpoint-related risks, or prevent an insider from exfiltrating sensitive data. To safeguard your data, you can’t just “check the box” when it comes to a SSE platform.
Here’s what you should look for in a unified platform
A SSE platform must be more than a patchwork of technologies. Not just to cut down on costs and operational complexity but to reduce risk and secure your data. To do so efficiently, you need the visibility and controls in place to make smart Zero Trust access decisions, regardless of the endpoint use, and where your apps and data reside.
Here’s what a converged SSE platform looks like:
Simple, unified policy enforcement
Security solutions need to be integrated into a unified platform, so that your security teams only need to write policy once and have it apply across their entire infrastructure, whether it be to endpoints, SaaS apps, private apps or email clients.
Deeper and proactive data protection
A robust SSE platform should be able to enable collaboration while securing your sensitive data. You need a platform with native and modern Data Loss Prevention (DLP) that recognizes the types of data you have and enforce policies wherever it goes. This includes watermarking or redacting sensitive data within documents. You also need the ability to encrypt content as it gets downloaded with enterprise digital rights management (EDRM).
End-to-end threat protection
In addition to data sensitivity, the platform can detect and respond to threats like ransomware entering your infrastructure or malware present on devices. Your policy enforcement should know the changing risk posture of endpoints. In our ransomware guide we detail how securing against these types of attacks and protecting your data requires four key actions.
Deep understanding of users
Not all threats use malware. Data is often leaked by insiders accidentally or on purpose, like with the recent Pfizer IP incident where data was uploaded to a personal device. You will also encounter compromised accounts where credentials are stolen via a mobile phishing attack. You need a platform that has native User and Entity Behavior Analytics (UEBA) to know when a user is putting your data in harm's way.
SSE requires a unified platform with end-to-end protection of your data
2021 was another year of high security incidents and business losses. There were an average of 270 attacks per company in 2021, a 31% increase from 2020.** This means securing your organization in a remote-first world requires a new approach.
The Lookout SSE platform, which includes CASB, ZTNA, SWG and endpoint security, is elegantly built with end-to-end data protection capabilities. It takes into account telemetry data from users, the risk posture of the endpoint they use and the sensitivity level of the data they seek to access. As a result, we’re able to dynamically enforce data protection policies without hindering productivity.
Lookout was named a Visionary in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE). We also scored in the top three in all SSE use cases laid out in the 2022 Gartner Critical Capabilities for SSE.
Download complimentary copies of the 2022 Gartner Magic Quadrant for SSE and Critical Capabilities reports to learn:
- How SSE can help you reduce complexity, costs and management overhead.
- Which SSE Gartner Critical Capabilities to focus on
- Which use case/s could be applied to your organization and what to look for in an SSE vendor.
- The analysis behind Lookout’s top three placement in the Critical Capabilities report
Gartner and Magic Quadrant are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved
Gartner, Magic Quadrant for Security Service Edge, John Watts, Craig Lawson, Charlie Winckless, Aaron McQuaid, February 15, 2022
*Gartner, Critical Capabilities for Security Service Edge, John Watts, Craig Lawson, Charlie Winckless, Aaron McQuaid, February 15, 2022
**Accenture, The state of cybersecurity resilience 2021, Kelly Bissell, Nov. 3, 2021
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Book a personalized, no-pressure demo today to learn:
Discover how adversaries use non-traditional methods for phishing on iOS/Android, see real-world examples of threats, and learn how an integrated security platform safeguards your organization.