What Is Secure Access Service Edge (SASE)? – HealthTech Magazine

Through blogs, podcasts and tweets, these influencers and IT leaders offer insights to help their audiences stay up to date on the latest in healthcare technology trends.

Brian Eastwood is a freelance writer with more than 15 years of experience covering healthcare IT, healthcare delivery, enterprise IT, consumer technology, IT leadership and higher education.

Brian Eastwood is a freelance writer with more than 15 years of experience covering healthcare IT, healthcare delivery, enterprise IT, consumer technology, IT leadership and higher education.
In a 2019 enterprise networking report, analyst firm Gartner coined the term secure access service edge to describe the combination of software-defined WAN with cloud-based security. SASE is intended to move security out of the enterprise data center and closer to users and their devices, which are increasingly deployed and used outside the traditional firewall.
For healthcare, SASE has emerged as an effective way to manage a workforce that’s increasingly distributed, whether it’s administrative staff working remotely, physicians providing care in branch offices or visiting nurses seeing patients in their homes.
“Pushing security controls as close to the sites, devices and users as possible is transformational, and it makes sense. But healthcare has perimeters with firewalls and appliances stacked on top of each other,” says Sinan Eren, vice president of zero-trust access at Barracuda Networks. “Healthcare benefits from SASE by pushing the controls to wherever the employees are, instead of concentrating security at a central location.”
The foundation of SASE is the zero-trust security model. Behind a traditional enterprise perimeter or firewall, IT teams would trust devices and users by default. In a distributed environment with no perimeter, trust cannot be guaranteed, even if a connection to the corporate network has been established.
In the zero-trust model, user and device identity must be authenticated to access a network and anything on it, such as business applications, servers or other devices. SASE implementations often couple zero trust with the principle of least privilege, which grants users, devices or applications access only to what they need to do their job or complete a task. Assets that cannot be accessed aren’t even visible to users or devices, Eren says.
READ MORE: SASE offers security in cloud migration for healthcare organizations.
“One of the most important investments before moving to SASE is to get identity and access management in order,” he adds. “Without a central repository of users, groups and assets, it’s difficult to roll out security and connectivity. SASE and zero trust make it possible to securely extend work to remote destinations because of this explicitly assigned access.”
Just as SASE de-emphasizes blanket access to corporate assets for anyone or anything logged, it also avoids maintaining the same level of privileged access for a long period of time.
“Once the access is granted, it’s important to constantly re-evaluate the posture of the user or device to determine whether to evolve that level of privilege,” says Abe Ankumah, CEO and co-founder of Nyansa, a network analytics software company that is now part of VMware. For example, an employee’s role with an organization may change, or a medical device may no longer run a supported version of Windows. “Just because something was granted privilege doesn’t mean that they get to keep it.”
Adopting SASE in a healthcare setting doesn’t require a sudden, wholesale transition. “You need to be thoughtful about a strategy that won’t require a rip-and-replace,” Ankumah says.
There are three common starting points for deploying SASE architecture in healthcare. Each has played a role in helping hospitals support care delivery and maintain business operations during COVID-19.
MORE FROM HEALTHTECH: 4 key advantages of SD-WAN technology for healthcare.
Many healthcare organizations are “doing SASE by default,” even if they aren’t using the term to refer to their network and security strategy, Pitt says.
“Healthcare is being pushed into SASE, and IT pros need to start preparing themselves,” he says. “They shouldn’t fight it; it will protect their environment and keep people safer.”
How Health IT Leaders’ Roles Have Evolved During the Pandemic
Q&A: Dr. Danny Sands on the Growing Role of Patients in Healthcare
Visit Some Of Our Other Technology Websites:
Increasing Engagement in Blended Learning
Copyright © 2021 CDW LLC 200 N. Milwaukee Avenue, Vernon Hills, IL 60061