SEATTLE – NetMotion, a provider of security solutions for the world's growing mobile and remote workforce, today announced the findings of its inaugural Secure Access Service Edge (SASE) global survey, revealing that although many public and private sector organizations have elements of SASE in their IT stack, only 12% worldwide currently have a comprehensive SASE architecture.
As the unexpected growth of remote working greatly accelerated conversations around secure remote access solutions, NetMotion surveyed 750 IT leaders, including CIOs, CTOs, IT and network directors, as well as security analysts across legal, finance, public safety, transportation, healthcare and government sectors in Australia, Germany, Japan, the United Kingdom and the United States. The goal was to quantify and qualify the hype around SASE while ascertaining the popularity of various network and security solutions deployed by organizations around the world.
The survey also found that two-thirds (67%) of respondents report confidence in their understanding of the comprehensive SASE framework. However, one quarter of organizations (26%) do not embrace the SASE philosophy at all (nor do they have immediate plans to), while just over one-third (35%) currently embrace it in less than half of their technology stack.
Other key survey findings include:
- Only 67% of respondents in the United States can confidently explain the principles of SASE, compared to 81% in the United Kingdom and 78% in Australia
- The utilities and energy sectors reported the highest share of complete SASE adoption (17%), with legal (14%), finance (12%) and healthcare (11%) following closely behind
- IT teams are taking the lead in SASE implementation (52%), while security teams (21%) and network teams (18%) are also responsible at some organizations
- VPN is the most widely deployed SASE solution (54%), followed by WAN optimization (49%), cloud secure web gateways (46%), firewall-as-a-service (39%) and SD-WAN (29%)
- Despite their hype over the last two years, ZTNA/SDP and edge content filtering are the least widely deployed SASE solutions (15%), although filtering content at the edge is most prevalent in the US (23%), perhaps driven by the need to ensure compliance and security amidst the growth in remote working
- Only 56% of organizations have begun to adopt a zero-trust posture while 24% do not plan to, suggesting that IT leaders either don't understand zero trust as well as they claim to, or that they are overestimating their own capabilities
"While SASE is likely to represent the future of network availability, optimization and cybersecurity, our survey revealed that the perception of accelerated adoption is much greater than the current reality, which is that the vast majority of enterprises are not yet close to fully embracing this framework," said Christopher Kenessey, CEO of NetMotion. "Our survey makes it clear that we're only at the very beginning of the SASE evolution, and that many organizations don't yet fully appreciate the benefits of going all in on this approach."
SASE awareness and adoption amidst remote work
Coined by Gartner in 2019, Secure Access Service Edge (SASE) represents a security framework or philosophy that combines the capabilities of SD-WAN and VPN technologies with cloud-native security functions such as zero-trust network access, CASB, firewalls and other technology. At its heart, SASE is an amalgamation of many existing tools coming together to help businesses reduce network complexity, deliver better security and reduce costs – all things that today's distributed organizations desperately need.
One of the main factors inhibiting greater SASE adoption is that only 4% of organizations have migrated fully to the cloud, with just over half (51%) having the majority of their apps and services in the cloud, according to our findings. In addition, over 15% of organizations still have at least three quarters of their resources hosted on-premise, a proportion that grows to 39% for government entities and 16% of public safety agencies. By contrast, financial and legal firms are the most likely to have pushed at least three quarters of their resources to the cloud.
With organizations slow to adopt a comprehensive SASE stack, it is no surprise that the data also revealed a continued reliance on enterprise VPNs. In fact, over 50% of respondents reported that their organization relied most heavily on VPN for secure remote access during the pandemic. VPNs proved most popular among law firms (56%) and financial service organizations (49%), while 56% of private-sector organizations reported having utilized VPNs for their employees. Public sector leaders, on the other hand, reported only 29% VPN adoption, instead prioritizing cloud secure web gateways (37%) and firewall-as-a-service (42%).
These results suggest that modernizing legacy technologies, such as VPNs, firewalls, and secure web gateways (SWG), was a more attractive initiative to IT leaders than the adoption and implementation of new solutions, such as control access security brokers (CASB), ZTNA and edge content filtering, especially since most organizations had goals of scaling existing tools rather than attempting a forklift upgrade.