Challenges at the Edge: Security
Edge computing is growing exponentially, and is part of a cybersecurity landscape with new risks that organizations must be aware of and prepared for.
Edge computing is a distributed IT architecture that enables data storage and processing at the periphery (or edge) of the network, as close to the end user as possible. At the edge, connected devices transmit data to a local interconnected colocation facility instead of sending it back to the cloud or a central data center, ensuring the lowest latency possible.
Edge computing keeps the specific data that needs to be processed near the end user, reducing the amount of data the server has to handle. This dramatically increases the speed and efficiency of collecting, processing, and analyzing data, improving performance and reducing operational expenses.
However, with the exponential growth of edge computing come increased security risks that organizations will need to consider.
Security risks at the Edge
The security risks inherent in edge computing are very different from those encountered in a traditional data center or even the cloud. With edge computing, data is decentralized and distributed across numerous machines and devices. The more connected devices you add to your network, the more potential vulnerabilities you create.
This situation is compounded by the growth of the Internet of Things (IoT). IoT is becoming an integral part of how many organizations operate, with Gartner estimating that in 2020, over half of all major new business systems and processes will employ IoT devices. Organizations that adopt IoT technology mistakenly believe that they can use the same security controls, processes, and checkpoints they use for private data centers and the cloud. Traditionally, IT has secured devices inside the perimeter with firewalls and anti-malware software. With IoT, however, there is no perimeter.
What’s worse, IoT technology is notorious for its lack of security. IoT devices are not always designed with robust security in mind, and even when they are, they can lack regular security updates. IoT devices can also be easy targets for cyber-criminals because they often don’t verify the credentials of connections. Indeed, a recent Hewlett Packard Enterprise study revealed that 84% of 3,100 line-of-business and IT pros said their companies have experienced an IoT-related breach.
“Security at the edge remains a huge challenge, primarily because there are highly diverse use cases for IoT, and most IoT devices don’t have traditional IT hardware protocols. So the security configuration and software updates which are often needed through the lifecycle of the device may not be present,” says Barika Pace, research director at Gartner.
“This is why when we talk about security in edge computing, tracking the threat landscape becomes more challenging,” she adds.
Bringing security to the Edge
Enterprise security in an IoT world can be a daunting task, and edge computing is going to reshape the way we understand and practice cybersecurity. Unfortunately, many organizations will likely have to learn some hard lessons along the way. Luckily, there are some key best practices that, when implemented from the beginning, will significantly strengthen your security in an edge computing environment and likely spare you the pain of a successful cyber-attack.
When you don’t know something exists, you can’t secure it. The first step in securing an edge computing environment is device discovery—you must locate and document every device on your network.
Organizations must have a comprehensive, up-to-date database of all devices in their environment, the information each device is gathering and sharing, and the specific risks and vulnerabilities they pose to the environment. Device discovery must distinguish between on-network and off-network assets and wired and wireless assets. It is also crucial to invest in near-real-time monitoring capabilities, ensuring continuous monitoring of all devices and network traffic.
Device profile creation
While documenting and monitoring all the devices on your network is crucial, this is only a first step. You must also create a detailed profile of each and every device.
Profiles should include information pertaining to: the purpose of the device; the device’s normal behavior; what ports the device uses; the types of traffic the device sends and receives; and typical traffic destinations. Fortunately, creating device profiles doesn’t require spending time reading multiple manufacturer manuals or paying vendors for support. There are tools available that monitor device behavior and can then automatically create device profiles based on that information.
Create and enforce device policies
Once you have a comprehensive list of all of the devices on your network and you have successfully created profiles for them, it’s time to establish and enforce device policies.
Device policies include information such as what ports each device is allowed to use, what happens when a device performs an action outside of its profile (such as sending information to an atypical destination), and who does and does not have permission to log in to these devices. You also must determine what happens when devices violate policies. What security protocols are activated? Is a trouble ticket created? Is the device booted off the network? Is it put into a temporary quarantine zone? This can be done with network access control (NAC) software.
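The following sketch is an added example, not part of the original article or any vendor's NAC product. It shows how the profile and policy steps fit together: a per-device profile is learned from baseline traffic, then each new flow is checked against it and mapped to a policy action. The device names, addresses, the /24 destination grouping and the violation-to-action mapping are all assumptions made for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed baseline flows seen while each device behaved normally:
# (device_id, protocol, destination_ip, destination_port)
BASELINE = [
    ("cam-01", "tcp", "10.20.0.5", 554),
    ("cam-01", "tcp", "10.20.0.5", 443),
    ("cam-01", "udp", "10.20.0.1", 123),
    ("hvac-07", "tcp", "10.20.0.9", 8883),
]

# Hypothetical policy: which action each kind of violation triggers.
POLICY = {"new_port": "ticket", "new_destination": "quarantine"}
SEVERITY = ["allow", "ticket", "quarantine"]  # least to most severe

def build_profiles(flows, prefix=24):
    """Learn each device's normal (protocol, port) pairs and destination subnets."""
    profiles = defaultdict(lambda: {"services": set(), "dest_nets": set()})
    for dev, proto, dst, port in flows:
        profile = profiles[dev]
        profile["services"].add((proto, port))
        profile["dest_nets"].add(ip_network(f"{dst}/{prefix}", strict=False))
    return dict(profiles)

def evaluate(profiles, flow):
    """Return (action, reasons) for one observed flow."""
    dev, proto, dst, port = flow
    profile = profiles.get(dev)
    if profile is None:
        # A device that was never discovered has no profile: isolate it.
        return "quarantine", ["unknown_device"]
    reasons = []
    if (proto, port) not in profile["services"]:
        reasons.append("new_port")
    if not any(ip_address(dst) in net for net in profile["dest_nets"]):
        reasons.append("new_destination")
    # When several rules fire, apply the most severe action.
    actions = [POLICY[r] for r in reasons] or ["allow"]
    return max(actions, key=SEVERITY.index), reasons
```

In a real deployment the action string would drive the NAC system, for example by opening a ticket or moving the port to a quarantine VLAN.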
Change all default passwords
IoT devices often have built-in default passwords from the manufacturer. These passwords should be changed as soon as possible because they are often known to cyber-criminals. Before you do anything with an IoT device, make sure you replace the default password with one that meets your own organization’s criteria for password creation.
Although still somewhat of a nascent technology, edge computing is growing exponentially. Gartner predicts that by 2025, 75% of enterprise-generated data will be created and processed outside a traditional centralized data center or cloud. Cybersecurity must adapt to accommodate this new threat landscape.
As the need for edge computing in IoT environments grows, so will the need to connect to local, interconnected data centers. Netrality’s colocation facilities – located in close proximity to end users – provide the ultra low latency and processing speed enterprises will need to not only adopt edge computing, but to monitor all activity on edge devices and ensure their evolving infrastructures are always secure.