Edge computing promises to improve efficiency when it comes to how data is gathered, processed and analyzed, but it also creates the potential for a whole new threat landscape. IoT devices are notorious for their security loopholes and as users rush to get ahead of the curve and implement compute at the edge, it is quickly becoming a new “front line” in the cybersecurity battle. At the same time, edge compute architecture offers new opportunities to implement more sophisticated security layers to protect against threats. As organizations try to stay ahead of the evolving technology paradigm, it is essential to build an appropriate edge cybersecurity strategy in response.
Providing Protection At The Edge
Edge security places a gateway between devices at the edge and the rest of a company’s computing resources. Workloads performed at the edge need to be built with the same level of protection that is traditionally done in data centers. This includes checkpoints such as identity management, data encryption, zero trust networks and patch management.
Additionally, edge computing should include a disaster recovery (DR) plan. “Organizations lag when it comes to updating DR plans for edge computing,” says Dan Olds, partner at research firm OrionX Network. Some IoT devices have known vulnerabilities because the system installs are handled by end-users or perhaps run on uncommon operating systems. If these devices are mission-critical systems, edge computing provides a layer of protection and having a DR plan ensures that if breaches happen, risk is being managed.
Meeting Threats Upstream
One of the benefits of edge computing is that it allows you to scale with a workload regardless of location or size. As strains are put on the network, edge computing can scale up and down with demand. Not only does this ensure intelligent traffic steering that provides users with a high-quality experience, but it offers the security advantage of giving enterprises visibility up to the edge, meaning all potential threats can be met upstream where the trusted and untrusted zones meet.
Many Assets Means Many Vulnerabilities
Part of the challenge of securing all the devices on a network is knowing exactly what systems are on it. More non-IT personnel are managing connected devices, and in an effort to deploy them quickly, they can unintentionally bypass IT and the processes necessary to keep those devices secure. Mike Raggo, CSO at 802Secure, says, “If you’re responsible for asset management, you need to account for your IT assets across the company, whether these assets come in through IT or end user areas.” It is not only newer devices which create a challenge, but older ones as well. “The hardest thing about these older systems that have been connected over the past 25 years is that you can’t easily do discovery on them,” says Eddie Habibi, CEO of PAS Global.
Through a combination of device detection and an asset management system, assets can be kept track of in order to identify and minimize risks. Since each of these devices presents a risk, cybersecurity at the edge ensures that the whole network is not compromised by a breach in a single device. Identifying all the devices is a crucial first step in providing protection.
If you’d like assistance assessing your edge security infrastructure, talk to a section.io developer.