How Secure is Edge Computing?
The edge is where the action is, but is it secure?
Rather than relying solely on centralized data centers, edge computing distributes processing and storage capacity closer to where the data is generated. This has enormous advantages for businesses that are processing time-sensitive data or operating in remote locations, where there is limited or no connectivity to a centralized location. There’s been significant adoption of edge computing in healthcare, manufacturing and automotive industries, particularly over the last few years.
Edge computing is part of a distributed computing topology where information processing is located close to the network edge, where devices and people produce or consume that information.
Worldwide spending on edge computing is expected to reach $176 billion in 2022, an increase of 14.8% over last year, according to new figures from analyst IDC.
- Healthcare greatly expanded its use of the edge computing architecture during the pandemic — raising usage of digital imaging, remote healthcare and assisted living facilities.
- Following the 2020 slowdown, manufacturing companies are bolstering supply chain and inventory management skills.
- The automotive industry is investing in production facilities that incorporate automation technologies, wireless connectivity and autonomous systems.
The edge is where the action is, but is it secure?
Pushing processing, storage and security to the network edge, where the devices are, frees users from reliance on centralized infrastructure. While this decoupling is a major benefit, the threat to devices and networks at the edge is increasing. Cybercriminals and other bad actors are finding new ways to exploit vulnerabilities.
The shift to work-from-home and hybrid work environments has primarily affected user access points to enterprise networks. The trend has also led to a sharp increase in exploit activity against older VPN devices and other remote access systems, underscoring several security issues:
- The rapid proliferation of devices at the network edge has greatly expanded the attack surface, giving threat actors many more opportunities to use these systems to penetrate the larger corporate network.
- Many of the servers and storage systems that companies use for edge processing are targets in their own right because of their specific data. They are often less protected than servers hosted at enterprise locations, centralized cloud data centers or colocation facilities.
- ISPs, device manufacturers, system integrators and other stakeholders have started to integrate their own edge computing capabilities for customers and partners — a trend that raises questions of ownership and responsibility for edge security.
How are security organizations responding to edge computing threats?
Strategic planning and deployment of a Secure Access Service Edge (SASE) architecture is now the focus after the global pandemic forced organizations to manage two to three times the previous number of remote workers. SASE combines network security functions such as secure web gateways and cloud access security brokers with secure software-defined wide area networking (SD-WAN) capabilities.
The SASE model delivers:
- Streamlined implementation via consolidation of networking and security services
- Simplified policy management to assess and mitigate risk through a single portal
- Reduced latency by routing traffic across an expansive network that is closer to the user
- A single global network that lets customers extend the perimeter to the remote user, branch office, device or application
- Identity-based network access that leans heavily on zero trust, based on combinations of factors and with significantly higher protocols than VPN
Three tips for better edge security
1. Implement a risk-based approach.
Begin threat modeling by asking the following questions: What is the attack surface? What’s exposed, and in what way?
After identifying the risks, prioritize and address them (mitigation, acceptance, off-loading, etc.).
2. Consider increasing security.
Implement physical controls to mitigate risks related to tampering, malicious device additions, device swapping and privilege escalation.
Plan for a mix of physical and cloud-based security solutions for SASE to work effectively. Examples include internal data centers, remote locations with poor physical security and monitoring, and cloud environments.
3. Educate employees on Edge/SASE paradigms.
Edge doesn’t work with legacy topologies and solutions. Use edge as an enabler for IT modernization.
About the Authors
Product Engineer - Government Solutions
The role of Product Engineer for Government Solutions is a natural fit for Jeff Tehovnik with his diverse and complementary skillsets in development, cloud network infrastructure, and security. Jeff has been working in IT since 1998 and graduated from Virginia Commonwealth University (BS-IS 2012, MS-CISS 2014) and the SANS Technology Institute (PGC Ethical Hacking & Penetration Testing). Jeff also enjoys research and educating on technical information security topics including network security monitoring and advanced persistent threats. In addition to recently passing the CCSP exam, Jeff holds the CISSP, GCIH, GPEN, GWAPT, GXPN and VMware NSX: Micro-Segmentation certificates. When he’s not delving into the cloud, Jeff enjoys reading, fishing, and vacationing at the beach with his wife and kids. He is also an avid hockey fan.