Beware security blind spots at the edge
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model?
While the traditional idea of the centralised datacentre is not going anywhere anytime soon, there is growing recognition that the way in which organisations process, store and analyse data is changing. The operating models of many organisations now point to the requirement for a decentralised approach, with many moving to the cloud to best meet the needs of the business.
Edge computing refers to the decentralised processing of data by devices located on the periphery, or “edge”, of a specific network environment. Using a web of interconnected devices across an expansive geographic area, edge computing provides a decentralised alternative to the traditional model of processing data in a central location.
The re-emergence of what is now referred to as edge computing is largely due to the growing prevalence of the internet of things (IoT), and the need for real-time data processing with minimal latency. Edge computing has been heavily adopted in sectors such as renewable energy, manufacturing, agriculture, defence and automotive. Because of the requirement for near-instantaneous processing, the demand for a decentralised architecture will only increase in the coming years.
With more and more physical devices dispersed across a greater number of locations – all connected but with the ability to process, store and analyse data independently – security professionals are presented with a far broader threat landscape.
Edge computing and associative technologies make it increasingly difficult for security professionals to carry out initiatives such as security monitoring, which creates security blind spots. This provides ample opportunity for threat actors, including nation states, hacktivists and hackers, to target edge computing devices and carry out attacks to steal valuable IP or commit acts of espionage.
There is, however, light at the end of the tunnel, or perhaps more aptly, the edge of the network. There are several actions that security professionals can begin implementing to better secure edge computing architecture and devices:
- Carry out a thorough information risk assessment to determine the potential risks of implementing a decentralised operating model versus a centralised solution to data processing.
- Update security policies and processes to incorporate edge computing, and consider creating a hybrid security approach that incorporates both cloud and edge computing.
- Create and maintain a secure architectural framework for edge computing.
- Review physical security processes and procedures and identify potential points of failure that could be introduced through edge computing solutions and mesh networks.
- Identify blind spots in security event and network management systems that may cause attacks against edge computing devices to go undetected.
- Create network segmentation and isolation protocols to reduce the impact of a cyber attack and the potential spread of malicious software across the wider mesh and corporate network.
- Provide security specialists, such as SOC staff, with training to cover the monitoring of edge computing solutions and response to edge computing-related threats.
- Implement regular and in-depth penetration testing on edge computing environments, including hardware components.
This list is by no means exhaustive, but it provides a number of considerations for how organisations can protect their investment in edge computing as a decentralised solution for data processing, storage and analysis.
We can expect this trend to grow in popularity as more organisations realise the greater opportunities that edge computing offers in terms of supporting innovative technologies that rely on high-speed, near-instantaneous connectivity.