Addressing IoT and edge computing security challenges

Edge computing provides computing, storage, and network connectivity resources close to remote devices that generate data that requires local analysis, storage, or near-instantaneous transmission. Edge computing can bring many benefits, such as caching streamed content closer to customers, which can speed up delivery and improve the overall user experience.

While a delayed response from a smart home may not seem like a big problem, it could have catastrophic consequences if a self-driving car needs to brake and the data is delayed or intercepted or manipulated by a hacker.

Edge computing security will be needed here.

[[285576]]

Edge computing and data centers

In these hypothetical situations, we need to take steps to prevent preventable incidents. One way to do this is to move the initial processing and analysis of data to the edge of the network, which can reduce latency and bandwidth while improving performance and efficiency, and is a better approach than sending data to a remote centralized data center. Because the shorter the distance data travels, it reduces the possibility of hackers intercepting data during transmission. As more data remains at the edge of the network, it also makes central servers a less attractive target for cyber attacks.

Data centers are considered fairly secure, in part because physical access to them is limited. This is in stark contrast to devices such as IoT sensors and monitors, which are very remote or difficult to monitor. Deploying IoT devices that generate data across a wide range of endpoints creates network visibility and control issues. In addition, remote endpoints can be exploited by attackers to access the core systems to which edge devices are ultimately connected.

The use cases for edge devices are diverse, and most devices work differently, making protection at the edge very complex. Edge devices often have a variety of capabilities, configurations, and versions, making it a challenge for security teams to track threat status. Moreover, many devices have well-known flaws. For example, weak login credentials, zero-day vulnerabilities, lack of updates, and use of outdated protocols such as the controller area network bus - which were not designed to protect against modern threats.

At the same time, many edge devices are small and therefore vulnerable to theft or physical attack. This is because they are often deployed in exposed locations, such as cell towers or locations that are not actively monitored and protected, unlike in traditional data centers.

To ensure the security of edge deployments, all data must be encrypted, both at rest and in motion. Multi-factor authentication for access is strongly recommended. Where available, enable trusted platform computing capabilities to provide strong encryption and authentication. Because data may be transmitted over untrusted public networks, all traffic needs to pass through a secure, hardened VPN tunnel. Encryption and access controls will also help mitigate some of the physical risks, and even if the device is stolen, its data will be unreadable. For those devices that cannot be strongly encrypted, a security agent should be installed nearby to provide the computing power needed to handle encryption security and protect against malicious activity.

Edge security still presents difficult challenges

One of the real challenges for edge security is updating and patching edge deployments. Automatic patching and declaration across all devices is a nearly impossible task. Beyond the initial setup, constant iterations must be done to address fixes and emerging security issues. Enterprises should ensure that every device is patched, which is critical to maintaining a secure environment. While prevention is the top priority, detection must also be done. Enterprises should deploy proactive threat detection technology, focusing on edge devices, gateways, and supporting systems to detect potential issues as early as possible. This can also help prioritize physical access to devices.

There is no industry consensus on edge computing security best practices. For any enterprise deploying edge computing, it is necessary to fully understand the security risks involved. After all, the strength of a network is only as strong as its weakest link. Enterprises should review the vendor's security architecture and how they handle security fixes and updates. If a vulnerability is found that affects thousands of edge sites, the enterprise needs to be able to quickly deploy a patch.

The key to ensuring edge device security is to consider security during the design process. However, vendor edge devices are far from being able to protect against most attacks. Therefore, network administrators should deploy a layered security strategy to compensate for the inherent weaknesses of today's edge devices.