What is Data Access Service Edge (DASE)? 

When Gartner introduced the Secure Access Service Edge (SASE) model in 2019, it gained immense popularity among enterprises seeking to combine network and security services while keeping a keen eye on device, identity and real-time contextual attributes. The SASE model aimed to simplify network access, all while enhancing adherence to stringent security and compliance policies. 

Yet, with the rise of remote work and global collaboration, virtual employees and collaborators pose the risk of data misuse and leakage, such as using various unsecured devices. Furthermore, a lot of data is no longer confined to the corporate network, especially in the distributed architecture of hybrid cloud configurations.  

Looking forward, organizations need to start expanding the principles of Zero Trust to cover data security and application access. 

Introducing DASE

Data Access Service Edge (DASE) is an extension of SASE, designed to fortify data access in hybrid and multi-cloud environments. DASE empowers organizations to enhance their security posture by dynamically enforcing policies that protect resources over the network perimeter, through the principle of least privilege access.  

DASE comic strip

This approach ensures that data access is not granted by default, adopting a “never trust, always verify” stance. Using attribute-based access controls (ABAC) and dynamic authorization technologies, a DASE approach validates policies in real-time based on various attributes, such as user role, location, and device. Recognizing that threats can come from both inside and outside the network, DASE conducts a comprehensive risk assessment and proactively mitigates data threats within the network and cloud.  

Under the DASE model, organizations can manage global data access through fine-grained data-level security controls, such as dynamic data masking and data segregation. Dynamic data masking prevents unauthorized access to sensitive data by applying policies that masks the value of other unauthorized fields, while data segregation filters data in records so that authorized users can only view the data to which they have been granted access.  

Elevating An Enterprise with DASE 

In conclusion, in an era where cybersecurity strategies are constantly evolving, and the volume of data stored in hybrid cloud and multi-cloud environments continues to grow, Secure Access Service Edge (SASE) must adapt and expand its coverage to encompass device, network, data and application security. This evolution is represented by Data Access Service Edge (DASE), which ensures the continuous protection of data and applications, regardless of their location. 

Additionally, DASE enables the automation of data protection policies to streamline risk assessment and ensure continuous data protection. Automation not only scales efficiently but also reduces errors, handling large volumes of data while accommodating evolving requirements. By implementing DASE, organizations can readily adapt to changes in business or regulatory environments, boosting agility, flexibility, and security beyond the confines of the network. 

To learn more on DASE, read our white paper.