The security service edge, or SSE, is a pretty new concept — introduced in the 2021 Gartner Hype Cycle for Network Security as an approach to secure access to the web, cloud services and private applications, consolidating multiple disparate security capabilities.
But it's a new concept that at least Forcepoint is banking on. The company on Monday announced the acquisition of SSE company Bitglass. We talked with Forcepoint CEO Manny Rivelo about the potential he sees in this emerging market and why the company wanted in.
What made Bitglass an attractive acquisition target?
Rivelo: In 2020, businesses and government agencies had to quickly reinvent how they allowed people to safely work from home. Now, the shift to hybrid work means that their people will work from a mixture of places — at home, in offices, even traveling — within the same week or even the same day. SSE will let organizations keep their people safe everywhere so that they can use sensitive data and intellectual property anywhere, whether it’s on the web, in cloud apps like Microsoft 365, or in private apps running in data centers or private clouds.
By bringing Forcepoint and Bitglass together, we will offer security-as-a-service from the cloud with the best of both worlds: all-in-one management of access and data security policies in one place combined with threat defenses like our remote browser isolation, zero-day sandboxing, zero-trust-based content technologies, and data loss prevention.
How does SSE differ from SASE?
SSE stands for Security Service Edge. Think of it as the security half of SASE (the other half is about SD-WAN and other networking technologies). SSE replaces what up until now was an alphabet soup of fragmented security products (SWG, CASB, ZTNA, DLP, CSPM) with a unified security-as-a-service that lets organizations safeguard their people everywhere consistently no matter where they work. SSE dramatically simplifies security, allowing security teams to set policies once – in one console – to control how people access and use data.
SSE takes the complexity out of enabling a modern hybrid workforce in which people work in many modes. It makes it possible for them to work the same way, no matter where they are. For example, it eliminates the need for VPNs for internal private applications, which can slow processes down and harm productivity when accessing cloud apps like Microsoft 365.
This is a relatively new concept. What do you believe will drive customers down this path?
The pandemic accelerated many organizations’ journey to cloud by seven years, according to McKinsey. Any change requires time for an organization to digest and implement, but SSE simplifies security and it’s the natural direction that most cloud transformation initiatives are heading. Companies will always have some locations that have special data sovereignty requirements or internet bandwidth constraints that may make local enforcement important. But the vision we have for SSE provides more than just delivering security from the cloud – it’s about enabling distributed security in which enforcement happens wherever it makes the most sense for the customer.