Rise of the Network Edge: New Approaches Needed To Secure the Edge

essidsolutions

There must have once been a golden age when networks were small, and data stores and users working on PCs were near enough for there to be little or no latency, and everything was completely secure. If such a golden age ever existed, it certainly doesn’t at the start of 2021. Staff are probably no longer based in secure offices but are working from home, perhaps even using their own devices. Also, many organizations are growing their use of edge computing.

Originally, edge computing was little more than an Internet of Things (IoT) device, perhaps sensing gas flow through a pipe or the temperature inside a commercial greenhouse, that reported back to an application running at head office, which would keep track of events throughout the day. The next obvious step was to add some device that could remediate any unwanted conditions. In this example, it might cause the flow of gas to be increased or decreased, or the ventilation could be increased or decreased. And the remediating device was usually at the same location as the monitoring device.

Because IoT devices could produce huge volumes of data, this led to an increase in the amount of data flowing across the network and a delay between information being received and any action being taken. The next stage was to add computing power to the edge device so that data could be monitored locally, and any measures needed could be taken immediately. This overcame problems, such as bandwidth issues and latency issues.

This model is sometimes called fog computing, where peripheral IoT devices produce huge volumes of data that is processed locally rather than being sent over the network to be processed. The computing devices and the data-generating devices are at the same location.


Edge Deployments Soar

And so, Gartner gave us a definition of edge computing as “a part of a distributed computing topology in which information processing is located close to the edge – where things and people produce or consume that information.”

So, basically, with edge computing, the application that is running at the edge has a close association with its edge location. More and more, organizations are enjoying the benefits of processing and storing data faster, resulting in business-critical applications completing more efficiently.

With the increased use of cloud computing, it may well be that the data being used for edge computing isn’t stored on the corporate network but is located in the cloud somewhere. It may be that the applications being used to process data from the edge are also stored in the cloud. Wide area networks (WANs) can extend corporate networks over a large geographic area, usually using leased telecommunication circuits. And they’re taking cloud capabilities to smaller and smaller deployments at the very edge of the network. This leads to a distributed architecture where components are hosted on different platforms and communicate using the network.

Nowadays, edge computing might be defined as a way of providing application developers and service providers with cloud computing capabilities, as well as an IT service environment, at the edge of a network. The reason for doing this is to provide processing power, data storage, and appropriate levels of bandwidth at the same location as the end-user or data input device. This avoids the problems mentioned above with latency and unreliable bandwidth. Obviously, not all situations require a cloud at the edge, but where it is needed, having it can hugely increase performance.

The benefits of edge computing for a business are reducing network latency and operational expenses, saving bandwidth usage, and real-time data processing. Many people believe that edge computing will improve uptime and resilience because it will reduce the number of network failures an organization experiences.


Securing the Edge

What makes security such an important issue is that with edge computing, the IT resources are located outside the core network.

Although it may not always be possible, the first line of defense for an organization is to prevent physical attacks on the edge device. This may mean physically preventing access to the device and preventing hackers from tampering with nodes and gaining control over sensors. Any exposed ports on the device should be disabled. And anything embedded in non-volatile memory should be encrypted and write-protected.

Many IoT devices have never been configured because no one has ever logged into them before they were deployed. IT teams must ensure that all IoT devices are configured securely and any passwords used are as strong as possible.

IT security teams must ensure that the firmware on the devices has not been tampered with. They must encrypt the data stored within the device. All inbound and outbound communications must be secure, and the device needs to be able to detect and report any attempted cyberattacks.


Edge Security: Don’t Overlook New Risks

Associated with edge computing is an edge gateway. The point of the gateway is to connect the IoT device or nodes to the cloud. It can also provide computing power so that appropriate applications serving the needs of customers and the edge device can run. It can be used to provide security functions such as authentication/authorization, encryption/decryption, integrity checking, etc.

The edge security gateway can function as a firewall/UTM (Unified Threat Management) and can provide a variety of security functions, such as packet filtering, proxy, intrusion detection and prevention systems, protection against malware, application control, etc.

Firmware updates must take place regularly to ensure that edge devices are secure against known malware attacks. Otherwise, any vulnerabilities could be exploited, and the device, and then the corporate network, could be hacked.

Any data sent to the corporate network needs to be secured to prevent it being intercepted and modified. TLS (Transport Layer Security) or SSH (Secure Shell) is the secure cryptographic protocol typically used over the Internet. For network traffic, the security standards are IEEE 802.1AE MACsec on an Ethernet LAN and WPA2 on wireless networks.

And it may well be that edge computing devices have access to more cloud data than they are meant to. They may well be able to access sensitive data that shouldn’t be available to them. It may have been quicker for IT teams to give every similar device the same authorization level – to get them online and working. This is a security risk, and IT teams need to ensure that devices have the security clearance they need and no higher.
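The over-authorization problem described above can be checked mechanically. The following is an added example, not part of the original article: it compares what each edge device is granted with what its workload needs, and flags groups of devices that were given one identical blanket grant. The device names, permission strings, and inventory layout are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data: one blanket grant was copied to "similar" devices.
BLANKET = {"telemetry:write", "commands:read", "customers:read", "billing:read"}

# Hypothetical inventory: permissions granted vs. permissions the workload needs.
DEVICES = {
    "greenhouse-temp-01": {"granted": set(BLANKET), "needed": {"telemetry:write"}},
    "greenhouse-vent-01": {"granted": set(BLANKET),
                           "needed": {"telemetry:write", "commands:read"}},
    "gas-flow-07": {"granted": {"telemetry:write"}, "needed": {"telemetry:write"}},
}

def excess_grants(devices):
    """Return {device: sorted permissions that are granted but not needed}."""
    findings = {}
    for name, dev in devices.items():
        extra = dev["granted"] - dev["needed"]
        if extra:
            findings[name] = sorted(extra)
    return findings

def shared_blanket_policies(devices):
    """Return groups of devices that hold an identical grant set even though
    their actual needs differ, i.e. one policy was copied across devices."""
    by_grant = defaultdict(list)
    for name, dev in devices.items():
        by_grant[frozenset(dev["granted"])].append(name)
    groups = []
    for names in by_grant.values():
        distinct_needs = {frozenset(devices[n]["needed"]) for n in names}
        if len(names) > 1 and len(distinct_needs) > 1:
            groups.append(sorted(names))
    return sorted(groups)

def least_privilege_policy(devices):
    """Proposed replacement policy: each device gets exactly what it needs."""
    return {name: sorted(dev["needed"]) for name, dev in devices.items()}

if __name__ == "__main__":
    for name, extra in excess_grants(DEVICES).items():
        print(f"{name}: revoke {', '.join(extra)}")
    for group in shared_blanket_policies(DEVICES):
        print("shared blanket grant:", ", ".join(group))
```
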

Tools You Need to Meet Edge Security Challenges

There are a number of newer security tools and approaches that can be used to ensure edge devices are secure.

  • CASB: A cloud access security broker (CASB) is cloud-based software or on-premises hardware or software that is placed between cloud service users and cloud applications. Its purpose is to monitor all activity and enforce corporate security policies, including cloud-specific ones.
  • FWaaS: A Firewall as a Service (FWaaS) can be used to move firewall functionality to the cloud rather than the perimeter of the network. This firewall functionality is provided as a cloud-based service, with the advantage that users can partially or fully move security inspection to a cloud infrastructure. All network traffic is aggregated into the cloud, allowing a security policy to be enforced on WAN and Internet traffic.
  • Zero Trust approach: Zero Trust is a way of working where an organization won’t automatically trust anything inside or outside its perimeters, and it must verify anything and everything trying to connect to its systems before granting access.

In 2019, Gartner came up with the idea of Secure Access Service Edge (SASE, which is pronounced ‘sassy’). SASE combines existing edge security techniques such as wide area networking and network security services like CASB, FWaaS, and Zero Trust.

Final Thoughts

Modern edge computing offers many advantages to an organization but, at the same time, opens up many security vulnerabilities. It’s vitally important that organizations using edge computing harden the security of their edge devices, their networks, and their nodes to avoid a data breach.  
