The overriding premise behind setting up a business is to make handsome ROI and this occasions cutting unnecessary costs. Edge computing comes on this basis to shift focus more to the source of data as a way of improving response times and saving bandwidth.
Since you have to move closer to the source of data, there is always a high probability of jettisoning your otherwise well-articulated security measures. What most businesses fail to put into consideration is the absolute need to balance the accruable benefits with the potent security risks.
If you are involved in the ongoing back and forth between centralized and decentralized IT, you must have begun to see the limitations of a centralized IT. You probably have also started questioning the rationale behind having hundreds or thousands of industry-standard servers running a host of applications in consolidated data centers.
This is not helped by having new types of workloads and distributed computing. If you sum up all of these with the fast pace of IoT, you definitely have a good cause for the observable rise in edge computing.
The new realization now is that processing at the edge brings compute closer to data accumulation and hence the need to shift focus from running everything within the data center. However, this portends its own set of security risks.
Before looking at the benefits, it’s worthwhile to consider what risks edge computing portends.
New edge computing security risks you must be aware of
Edge computing comes along with several new security risks and the one that may bother you the most is the physical security of the devices. Edge computing devices tend to be more vulnerable to malicious attacks and mishaps of all kinds than typical office equipment and technology.
The reason may not be far-fetched since your typical office equipment and technology are understandably safely held within corporate walls. In your bid to embark on a highly distributed model, you are bound to encounter a physical security and integrity threat.
The probabilities are high that miscreants out there will attempt to tinker with your device. It, therefore, becomes highly imperative that you carry out a thorough examination of your physical security of handsets, edge devices, and micro data centers.
If your business operates micro data centers usually placed at the base of cell towers as is the case with a lot of telecommunication outfits, you are a good target for attacks that will be launched via this potentially weak physical vulnerability. Incidentally, this vulnerability is virtually non-existent in corporate data centers and large cloud providers.
Like a lot of other organizations that will embark on edge computing, you will face the challenge of understanding, tracking, and monitoring what data you have and where. You must be able to configure what protections you require at the various points based on the data and vulnerabilities specific to each endpoint and how to govern what may soon become a sprawling infrastructure to many businesses.
The fact that you are keeping data on the edge simply means you’re exposing the system to more vulnerability. With devices that are often small and mostly not built with security in mind, you’ll have serious issues with paying attention to updates.
What all these boil down to is a heightened case of cyberattacks, you end up inadvertently providing attackers with an easy entry point into the network, which can then be capitalized upon to gain access to the primary systems that the edge devices are eventually connected to.
While this may not altogether be a new threat, you have been able to amplify it because of the larger volume of what you are doing and the attention you have brought to bear on the edge which formerly did not use to have so much activity.
Security benefits you get from edge computing
As you have seen that edge computing may be fraught with some security risks, there are, however, some security-related benefits. One thing you can’t take away from it is the fact that it’s more resilient.
Rather than having one or two data centers that are close and can easily be impacted by a big attack, you have a group of distributed data centers from where you can compute on the edge. This confers more resilience in your business, you are better positioned to handle malicious and nonmalicious events.
Another plus for edge computing is that you don’t have situations where a single attack can compromise large amounts of a company’s data, you have a sort of buffer against a catastrophic incident. This may be translated into having more security since your data is largely spread out rather than being concentrated or centralized at a point, the impact of a breach, if it occurs, can, therefore, be better managed.
The good news is that IoT device vendors are rising up to the occasion by making concerted efforts in adding more edge computing security elements to their products as a result of criticisms they have suffered in recent years for not doing enough on that front. California’s 2018 IoT security law, which, starting in 2020, mandates manufacturers of connected devices to include security features designed to prevent unauthorized access. Their efforts at modification and information disclosure have come a long way in pushing the case further to the front-burner.
What you still need to do
It’s of utmost importance that you create the right atmosphere for the cultivation of new skills within your security team. This will enable them to effectively handle the new types of security and compliance challenges that edge computing brings.
There is an undeniable need for your security workers to develop more knowledge in security virtualized network infrastructure, rules-based access control policies, and multi-tenant virtualized server infrastructure. All the fundamental security and compliance acumen they have gathered over the years must not only be retained but must all also be constantly on the red alert.
Miscreants and hackers are not relenting and the security, compliance and privacy risks, as well as governance-needs that exist today, may even become more pronounced with edge computing.
Image source: Flickr