THE TIBERIUM BLOG - recent events, threats, and all things cyber

SASE OR SORRY

Firstly, welcome to the new Tiberium weekly security blog. The purpose of this blog is to inform, generate debate and discussion, highlighting industry trends, solutions and issues. Without being boring.

Formalities out of the way, why don’t we get down to business.

The great and the good have been talking about ‘borderless’, ‘zero trust’, ‘cloud first’ environments for some time. The technologies to support this brave new world have been stewing for a while. They include:

  • CASB – Cloud Access Security Broker
  • SWG – Secure Web Gateway
  • ZTNA – Zero Trust Network Access

The combination of these technologies (CASB, SWG, ZTNA) has been recommended by Gartner since 2019 and has its own name and acronym:

SASE – Cloud based Secure Access Service Edge (this is pronounced sassy!)

SASE Convergence


The COVID-19 pandemic, working from home, cloud first, the new normal etc. have driven these technologies to the frontline. Nefarious crime outfits have been actively trying to exploit home workers for credentials, data or, more worryingly, lateral infection (via the home user’s VPN connection).

As with all IT product stacks, crossover in functionality is the norm. Legacy providers are re-engineering their product sets for the new paradigm (or building by acquisition), driven of course by their former employees starting up, being funded and making a shedload of cash when the big boys buy them. The game of life had it pinned in 1860.

Of course, as everyone and their dogs rush to the Cloud, a plethora of new technologies, or new names for old technologies, will be pressed without any irony by the Sales and Marketing treadmill. For instance, third party management tools for cloud environments have their very own name: Cloud Security and Posture Management (CSPM).

This continuous product evolution, ‘opportunistic, must have, shiny’, is fine for businesses with a substantial IT department or flexible outsource providers, but what about the rest of us who cannot afford the products, let alone support them?

It is inevitable that Enterprise cloud migration will be stacked with numerous third party products, just like the old days! If you look at AWS, the product set is initially third party tech followed by AWS bespoke implementations thereof. Whatever happened to shifting workloads between multiple cloud providers?

As Amazon Web Services (AWS) grew and grew with fast moving operational technology to share compute, storage and functional components, mostly either open source or open source rich, Microsoft has been playing a very long game which we think is now going to come to fruition for the high volume, high growth mid market.

A bit like Cisco, Microsoft gets in the market, sometimes even with a, shall we say, piece of junk offering. They then improve, iterate, improve, ultimately eating other vendors’ cheese.

This is exactly what Microsoft is doing in the cloud space. The unused functionality of E3 licences, and very much more so E5 licences, means that many mid size businesses (and huge corporates in fact) are already licensed for functionality in each of the bespoke stack products described above. Perhaps not with 100 percent comparable functionality, but near or thereabouts.

If we were running a small or mid-size business using Microsoft endpoints with a cloud migration strategy, we would eschew third party technologies on the basis of the 80/20 rule. Windows 10, Microsoft Endpoint Manager (Intune), Azure Cloud and the integrated Sentinel cloud-native SIEM platform, appropriately managed with a continuous measurable improvement programme, would be a good bet. We have spent years not liking Microsoft, since you ask; those days are gone.

Azure Sentinel – Cloud native SIEM

Or even better, talk to us, as this is why we have built our platform, supported by some of the best people in this business.

Tiberium offers outcome based security advice, support and managed services delivered through a hybrid Secure Operations Centre, powered by Microsoft Azure Sentinel with Teams Workflow integration. All deployed rapidly; yes, we live in the now.

Hybrid can have many meanings. In this case we mean that we can support, manage and continuously improve our clients’ environments both in the cloud (including a remote workforce), on premise and during transition from legacy to cloud.

Our proposition is highly automated and can be delivered very quickly and efficiently in most environments. The methodology, implementation, reporting and experience (too many years to count) deliver valuable outcomes and no nonsense measurable improvement recommendations.

Of course we would be more than happy to show you our platform, people and proposition. Contact us to arrange a demo!

We promise to avoid fear, uncertainty and doubt, ‘told you so’, ‘our SOC is betterer than your SOC’ and all of that. Of course we would welcome the opportunity to discuss any security matters with you within any of these blogs, or from anywhere else. That choice is yours. We love this stuff and cannot stop talking about it.
