With the rise of cloud computing and remote work, traditional security measures are proving to be inadequate in keeping up with the increasing number of users, devices, and data located beyond the enterprise network. This presents a significant challenge in maintaining network security while ensuring that employees stay connected to cloud-based and third-party services.
The growth in managed and unmanaged connections has led to a significant increase in security incidents. According to a recent survey conducted by Fortinet, in India, 82% of respondents have experienced at least a 2X increase in security incidents, and 72% reported more than triple the number of breaches. The top security incidents include phishing, denial of service, data/identity theft, ransomware, and data loss. Alarmingly, only 49% of organisations in Asia have dedicated security personnel, leaving them more vulnerable to security incidents and breaches.
To address the challenges of hybrid work, banking and insurance players in India are planning to invest in a Single-Vendor Secure Access Service Edge (SASE) solution. SASE offers a comprehensive solution that improves security posture and provides consistency in the user experience for remote employees. It simplifies security policy management and enhances the user experience while ensuring a consistent security posture for users on and off the network.
As hybrid work increases, employees need to make multiple connections to external systems and cloud applications to remain productive. The survey reveals that employees in India currently need to make more than 40 connections to third-party cloud applications, increasing the risk of security breaches. Over the next two years, 100% of respondents in India expect this number to double, and more than 68% believe it will triple, exacerbating the risk. This challenge of maintaining network security while ensuring employee connectivity to third-party and cloud-based services is further complicated by the inadequacy of traditional security measures.
Advantages of SASE for BFSI Sector
The BFSI sector handles sensitive financial and personal information, making it a prime target for cyberattacks. Hence, the need for deploying SASE in organisations must be carefully assessed. Organisations must thoroughly plan for integrating the solution with the existing infrastructure, consider all security requirements, and conduct thorough testing before deployment.
In case of North East Small Finance Bank (NESFB), it was using a traditional MPLS network, which involved high cost and complex architecture. However, as NESFB embarked on the journey to transform its security posture and network architecture, migrating to SASE architecture was not a challenge. Implementing SASE has brought many advantages for the bank, including network connectivity, device authentication, bandwidth optimization, real-time visibility, and better security controls.
Pankaj Das, Head of IT Infrastructure, Network & Services at North East Small Finance Bank Ltd, informs, “With an increasing cyber threat landscape, the BFSI sector needs to implement multiple security solutions, which results in higher costs and investment in terms of application, infrastructure, and management. Hence, consolidation is the way out to reduce complexity and management overheads. SASE is a consolidated and cost-effective platform for the BFSI sector, which delivers security control, enhanced network performance, and ensures real-time visibility resulting in an immediate response in case of any security incident or non-compliance.”
Similarly, Sendilkumar Venkatesan, VP -IT, Shriram Value Services, shares, “While considering implementing SASE, start with a thorough assessment of the current security infrastructure, including firewalls, intrusion detection/prevention systems (IDPS), data loss prevention (DLP), secure email gateways, and any other relevant security tools. Identify strengths, weaknesses, and potential overlaps in functionalities between solutions.”
From the security provider point of view, like Fortinet, the evolution of SASE is far from over. “We believe networking and security capabilities will continue to converge into a more comprehensive solution we call Universal SASE. This enhanced offering goes beyond the networking and security functions offered in today’s SASE solutions and will include on-premises ZTNA, SD-WAN private access, and capabilities to connect and secure Internet of Things (IoT) and operational technology (OT),” says Vishak Raman, Vice President of Sales, India, SAARC, SEAHK & ANZ at Fortinet.
Scalability and Cost Considerations
SASE is inherently a cloud-based service solution designed to leverage the scalability and flexibility that all cloud services bring to an organization. SASE solutions are built to scale resources based on demand. In the BFSI domain, where traffic patterns can fluctuate significantly, especially during peak business times, SASE can automatically scale to accommodate increased workloads without compromising security or performance.
Senthil also adds, “SASE brings security closer to the edge of the network, which is especially important for BFSI organizations with multiple branch locations. This edge-centric approach ensures that users, regardless of their location, can securely access business application resources with low latency and optimal performance.”
According to Archie Jakson, Global IT Head at Incedo, “SASE is inherently cloud-native, which means it operates in the cloud and takes advantage of its scalability. As your organization’s digital transformation initiatives expand, SASE can easily scale to accommodate increased network traffic and new services. SASE solutions are typically easier to deploy and manage than traditional on-premises security and networking solutions. This simplicity reduces the time and effort required to adapt to changing needs.”
Arunkumar Selvaraj, Global Head of Security & Compliance at TCS Enterprise Cloud (CIU), Tata Consultancy Services Limited, adds, “SASE brings in security along with connectivity while lowering the cost and saving time in managing networking and security operations together. SASE with ZTNA enhances security posture at the entry level. Additionally, it introduces a secure gateway between the endpoint and edge computing. This prevents targeted attacks as the network sources and identities aren’t exposed to online threats, which is crucial when accessing data, especially within the BFSI industry.”
The adoption of Secure Access Service Edge (SASE) by banks and financial institutions can present several challenges. These challenges may include Legacy Infrastructure, Data Security and Compliance, Network Complexity, User Experience and Performance, Vendor Selection and Integration, and Cost Considerations. Adopting SASE involves investing in new infrastructure, security services, and ongoing maintenance and monitoring. Financial institutions need to carefully evaluate the costs associated with SASE adoption and ensure that the benefits outweigh the expenses.
Trend Towards SDWAN and SASE Adoption
According to Arunkumar Selvaraj, Global Head of Security & Compliance at TCS Enterprise Cloud, there is a trend in both the BFSI and other segments towards deploying SDWAN (Software-Defined Wide Area Networking) and SASE together as part of the cloud transformation journey. This approach leverages SASE to provide high-level security at the edge while benefiting from the cost savings and manageability offered by SDWAN.
By adopting SDWAN and SASE, organisations can realise a better business value proposition and ROI while reducing connectivity costs considerably. The use of a single managed portal for security management simplifies operations and eliminates the need for separate security tools to manage perimeter security. This consolidation of security tools can lead to cost savings and more efficient security management.
In conclusion, SASE is a cloud-native solution that brings scalability, flexibility, and enhanced security to BFSI organisations. While its adoption presents challenges and considerations, the trend towards combining SDWAN and SASE shows promising results in terms of cost savings and improved security posture.