How Zero-Trust Computing has Evolved Since 2020 with SASE

Four years ago, when we all got thrown into the deep end of remote work, I wrote about how the sudden shift left a lot of businesses scrambling. Security took a backseat to just keeping the lights on. Unsecured Wi-Fi, personal laptops doubling as work machines, and spotty VPNs became the norm overnight. Back then, I told you about zero-trust computing—a shiny new(ish) idea that was all about locking things down tight with an “implicit deny” approach. Tools like ThreatLocker were the heroes of the day, helping businesses block anything and everything unless it was explicitly approved.

Fast forward to today, February 2025, and wow, have things evolved. Zero-trust isn’t just about application tools anymore—it’s grown into full-on security clouds, and it’s more critical than ever, whether your team’s at home, in the office, or splitting time between both.

So, let’s catch up. How has zero-trust changed since 2020, and why do you still need it—especially with all this back-and-forth about returning to the office?

Zero-Trust: From App Restrictions to a Complete Security Solution

In 2020, zero-trust focused on limiting access to necessary apps and files, blocking everything else. It was effective against new cyber threats. Today, it covers much more—devices, networks, and cloud apps—through a security cloud. SASE, or Secure Access Service Edge, is one example. Don’t worry about the technical name—it’s a practical way to keep your business secure and efficient, no matter where your employees work.

Here’s the deal—zero-trust is the strategy, the big idea that says, “Don’t trust anything until it’s proven safe.” It’s been around for a while, starting with tools that locked down apps, like we talked about in 2020. SASE is the modern tool that puts zero-trust to work across your whole business—networks, devices, cloud apps, everything. Think of zero-trust as the playbook and SASE as the quarterback running the plays. With a solution like SASE, you get zero-trust built in, plus extras like fast connections and easy management, all in one package. They’re not identical, but they’re a perfect pair for keeping your business secure today.

Here’s why SASE makes sense for your business:

1. It Cuts Costs and Simplifies Management
   Traditional security—VPNs, firewalls, and extra tools—gets expensive. You pay for separate solutions to block harmful websites, monitor connections, and secure your network, plus hardware and maintenance fees. SASE combines these—secure connections, website filtering, advanced firewalls—into one price per device per month. No additional hardware or upkeep costs. It also adjusts easily as your business grows—add employees or locations without extra equipment. For a small business in Pocatello or a mid-market team in Meridian, this means lower expenses.
2. It Improves Employee Experience
   In 2020, VPNs slowed connections, required constant logins, and frustrated users. SASE replaces that with a small agent on devices, connecting to a global network at speeds up to 1+Gb/s after one login. Whether employees work from home in Nampa or the office in Boise, they access what they need quickly and easily. Satisfied employees work better, complain less, and stay longer—valuable for your team’s productivity.
3. It Strengthens Security Without Complexity
   Cyber threats like ransomware and phishing remain active. Older systems needed multiple tools, and a single failure left you vulnerable. This reduces the risk of breaches without overwhelming you. SASE acts as a single, reliable security solution. It includes secure DNS to block risky websites, content filtering to limit distractions, and a cloud firewall that restricts access by user and device—all managed from one place. It checks every user and device before letting them in, enforcing zero-trust policies based on identity, device condition, or location.
4. It Offers Privileged Access Management
   
   A key part of SASE is Privileged Access Management, or PAM, which focuses on your most critical assets—like financial records or customer data. PAM controls accounts with extra permissions, like your IT staff or admins, adding layers like multi-factor authentication (MFA) or temporary passwords. For example, if an IT admin needs to update a cloud database, SASE verifies their identity and device, securely connects them via its global network, and applies threat protection. PAM then steps in with a one-time password, limits them to just that task, and logs every action. If they try accessing something else, SASE and PAM block it. Together, they ensure “least privilege”—everyone gets only the access they need—and track everything, so if something odd happens, you know exactly what went down. This keeps your business secure without complicating your day - and keeps your people working!
5. It Supports Hybrid Work
   Many of you use a hybrid model—perhaps two days in the office, three at home. SASE works anywhere. Its global network keeps connections fast and secure, whether employees are in your Idaho Falls office or a cabin in Island Park. You can set policies—like limiting access to key files by location—without slowing operations. It adapts to your business’s needs, whether your team is split or together.

Why Zero-Trust Keeps You Safe, Wherever Work Happens

Let’s talk about this return-to-office push for a sec. Trump’s executive order in January 2025 sent a clear message: he wants federal workers back in the office full-time, no exceptions unless absolutely necessary. It’s sparked a ripple effect—big corporations are tightening their own policies, and some Idaho businesses might feel the pressure to follow suit. But here’s the reality for most of you: hybrid’s not going anywhere. Your employees love the flexibility (who doesn’t want to skip the commute a couple days a week?), and it’s working.

So, hybrid’s here to stay for many of you. Zero-trust fits this like a glove. It doesn’t care where your team logs in from; it just keeps the guardrails up. And if you do go full office, zero-trust still has your back. It’s not tied to a physical perimeter—it’s about users, devices, and data, wherever they are.

Cybercriminals don’t stop, whether your team uses home Wi-Fi or the office network. Hybrid work mixes these environments, and older tools like VPNs or basic antivirus struggle to protect you. Zero-trust with SASE assumes nothing is safe—every device, user, and connection must verify itself. At home, it prevents a phishing email from locking your files. In the office, it stops one compromised device from affecting others. It’s constant security without extra staffing costs.

Four years ago, zero-trust restricted apps to navigate remote work challenges. Today, with SASE, it reduces costs, boosts employee satisfaction, and secures your business in a hybrid setting. Whether your team is at home in Kuna, in the office in Eagle, or on a job site in Caldwell, zero-trust with SASE provides dependable protection without complications.

Want to move past VPN struggles and improve security? Contact your IT provider—or reach out to us at TotalCare IT. We’re here to make this straightforward and effective for your business. Secure data, productive employees, and a strong operation—that’s what we aim for in Idaho.