Edge computing provides compute, storage and network connectivity resources close to remote devices, which generate data that requires local analysis, storage or nearly instantaneous transmission. For example, caching streaming content closer to customers enables faster delivery and better overall UX.
Although it may not seem like a problem if a smart home speaker’s response lags when asked a query, imagine the disastrous consequences if there is a delay in data to an autonomous vehicle that needs to apply the brakes or if communications are intercepted by a hacker and manipulated.
Enter edge computing security.
Edge computing vs. data centers
These hypotheticals demand countermeasures to stop preventable accidents from occurring. One way to do this it to move the initial processing and analysis of data to the edge of the network. This can reduce latency and bandwidth, while improving performance and efficiency, and is a better alternative to sending data to a remote centralized data center. Reducing the data’s distance traveled for processing limits opportunities for hackers to intercept the data during transmission. With more data remaining at the network edge, central servers are less attractive targets for cyberattacks.
Data centers are considered fairly secure. This is partly because physical access to data centers is limited. This is in stark contrast to devices such as IoT sensors and monitors that do not have anywhere near the same amount of protection — particularly those that are physically remote or are difficult to monitor. Deploying data-generating IoT devices across a wide range of endpoints creates problems with network visibility and control. Plus, there are additional attack vectors and entry points that can be exploited to gain access to the core systems to which the edge devices eventually connect.
Securing the edge is further complicated by the fact that edge device use cases are so diverse and that most devices work differently. Edge devices are designed with assorted capabilities, configurations and versions that make tracking the threat landscape a challenge for security teams. Unfortunately, many devices also suffer from well-known shortcomings. For example, weak login credentials, zero-day vulnerabilities, lack of updates and use of outdated protocols, like controller area network bus, which were not designed to protect against modern threats.
Additionally, the small physical size of many edge devices makes them vulnerable to theft or physical attack. This is because they are often deployed in exposed locations, such as cell towers or locations that are not actively monitored and secured as with a traditional data center.
For an edge deployment to be secure, all data — both at rest and in motion — must be encrypted. Requiring multifactor authentication for access is highly recommended. Turn on trusted platform computing features where available to provide strong encryption and authentication. All traffic will need to travel over secure, hardened VPN tunnels, as data may travel over untrusted public networks. Encryption and access controls will also help mitigate some physical risks as any stolen data will be unreadable. For those devices not capable of strong encryption, security agents should be installed nearby to provide the computing power necessary to handle cryptographic security and provide protection against malicious activities.
Stubborn challenges to edge security remain
One area that continues to be a real challenge is updating and patching edge deployments. Automated patching and assertion are rarely possible across all devices. Constant iteration beyond the initial setup to deal with patching and emerging security issues must be in place. Ensuring that every device is patched is critical to maintaining a secure environment. While prevention is preferred, detection is a must. Employ proactive threat detection technologies focused on edge devices, gateways and supporting systems to identify potential issues early on. This can also help prioritize physical visits to devices.
There is no discernable industry consensus on edge computing security best practices. Any organization deploying edge computing needs to fully understand the security risks involved. After all, a network is only as strong as its weakest link. Vet vendors on their security architectures and how security patches and updates are handled. Organizations need to be able to propagate patches quickly if a vulnerability is discovered that impacts thousands of edge sites.
Incorporating security into the design process is key to securing devices on the edge. Unfortunately, vendors are nowhere near close to the point where security is reliable enough to prevent the majority of attacks. It is up to network managers to implement a layered security strategy to compensate for the inherent weaknesses in today’s edge devices.