The rapid proliferation of IoT devices is changing the way IT architects modernize their infrastructures. Clearly, data and analysis has moved further out to the edge, with a wide range of sensors and monitoring devices gathering information for almost every conceivable purpose — from smart buildings and electrical grids to factories, airplanes, cars, and retail outlets. In fact, the expansion to the edge is so pronounced that Gartner predicts that by 2025, 75 percent of enterprise data will be generated and processed outside the traditional datacenter or cloud.
The unfortunate by-product of this growth is the inevitable temptation by bad actors to exploit edge device vulnerabilities and compromise the data. New edge computing security threats, which can include lateral attacks, account theft, entitlement theft, DDoS attacks, and more, can cause more than just service disruption. They pose a fundamental challenge to the way security professionals deploy data at the edge to ensure a secure and reliable flow of vital information throughout the enterprise.
Edge Computing Security Risks
IoT and edge devices are often deployed far outside a centralized data infrastructure or datacenter, making it fundamentally harder to monitor from both a digital and physical security standpoint. There are a range of edge computing security risks that IT architects must keep top of mind:
1. Data Storage and Protection:
Data that is gathered and processed at the edge lacks the hardened physical security of more centralized assets. By simply removing a disk drive from an edge resource, or by copying data from a simple memory stick, vital information can potentially be compromised. And because of limited local resources, it can be more difficult to ensure reliable data backup.
Passwords and Authentication:
Edge devices are often not supported by security-minded operations professionals, and many have very lax password discipline. In fact, hackers have sophisticated ways to compromise password protocols. In 2017 a “botnet barrage” (where bots were deployed to search for devices running default passwords) attacked 5,000 IoT devices at a university campus by 5,000 discrete systems, looking for weak passwords.
As companies deploy more and more edge devices to manage a wider array of operations, it gets harder to track and monitor. Over time, devices may even outgrow boundaries of the edge, creating bandwidth overcrowding and endangering the security of multiple devices. As it grows, IoT traffic also increases latency and can compromise security when data is sent unprocessed.
Apply the “5 Ps” Policy for Edge Computing Security
Broadly speaking, edge security should always incorporate the “5 Ps”:
People are often the most susceptible assets. Individuals must be trained on cyber security tactics, learnings must be constantly re-enforced, and there must be a change in cultural mindset on the importance of edge computing security.
Policies and Procedures:
Proper governance of edge security should be routine, and people must be reminded on how and when to remain vigilant.
It’s important to itemize the things that people must actually do to fully mitigate edge security risk.
Organizations must understand what components go into an end-to-end cyber security solution — connecting hardware to software, devices to servers, and from operations to IT.
All of the above must be regularly tested to find and shore up vulnerabilities. Without a regular cadence of testing and remediation, edge computing security can become outdated.
Implement Zero Trust Edge Access
Another key solution to the edge computing security conundrum is to apply a “zero trust” or “least access” policy to all edge devices. In this scenario, cyber security professionals allow only the minimal amount of access for each device that is needed to do its job. IoT devices typically have a singular purpose and communicate with a small number of other servers or devices, so it should be easier to use a narrow set of security protocols. One example is a security camera that sends video surveillance data to a cloud repository or server. By applying an access control policy to the camera network, you can limit access only to the resources they need. If one device is compromised, it’s much harder for a hacker to inflict damage on additional resources.
Ensure Physical Security of Connected Devices
Edge deployments typically reside outside the central data infrastructure, making physical security a critical component. Organizations must implement controls to prevent the dangers of others physically tampering with devices, adding malware to assets, swapping or interchanging devices, and creating rogue edge data centers. Security personnel should know how to tamper-proof edge devices and employ tactics such as hardware root of trust, crypto-based ID, encryption for in-flight and at-rest data, and automated patching.
Looking forward to a career in Cyber Security? Then check out the Certified Ethical Hacking Course and get skilled. Enroll now!
Address the Challenges for a Growing Industry
The IoT industry is transforming the way companies manage data and analysis. And with the IoT market on pace to grow to over $2.4 trillion annually by 2027 (with more than 41 billion IoT devices to be deployed), cyber security professionals have the responsibility to stay informed with the latest best practices to ensure their edge computing infrastructure stays as secure as the central core. Simplilearn provides a wide array of cyber security bootcamps and certification courses to help professionals and enterprises ensure that they have the right skills and knowledge to secure infrastructure of any size or type. Check it out today!