IBM has unveiled a set of secure access service edge (SASE) solutions to help customers secure complex distributed work environments. ​

SASE is a concept first articulated by Gartner in a 2019 white paper. It combines security and SD-WAN in a cloud-based approach designed to embed security directly into the network. This enables companies to apply security policies in the cloud that govern users no matter where they are. 

Because the network and security are software-defined, administrators can manage them programmatically, making it easier to update these policies across the organisation. 

IBM Security Services for SASE is an end-to-end offering covering strategic consulting, design and integration, and application onboarding. It also encompasses a set of managed security services in the cloud to protect user sessions and data, such as secure web gateways, cloud-based firewalls, cloud access security broker services and data loss prevention. 

Zero-trust security is another big component of SASE. This part of the solution removes implicit trust for people that access the network and verifies their identity when accessing resources inside the company’s infrastructure. Zscaler, with which IBM partnered in May, will provide the zero-trust functionality for IBM’s SASE portfolio. 

IBM sees potential for its SASE services in areas such as hybrid workforce access, contractor and third-party access, and edge computing scenarios. It can also help to secure businesses undergoing mergers and acquisitions, the company said. 

IBM commissioned a study from Forrester to support its SASE roll-out, and it found 60% of companies lacked a clear security strategy spanning their entire cloud deployment.

Most companies (70%) found it challenging to implement centralised security controls across multi-cloud environments, while almost two-thirds found it difficult to secure their remote and in-office employees across multiple devices and locations.