The rise of edge computing: What does it mean for cybersecurity?

Issue 7 2022 Infrastructure, Information Security

Prenesh Padayachee.
Prenesh Padayachee.

As the number of users and devices connected at the edge of a network continues to grow, organisations are increasingly distributing their computing ability and network resources closer to where those users and devices are located. Rather than transferring data to and from one centralised data centre or the cloud, edge computing reduces response times, decreases bandwidth usage and maximises the real-time value of data for applications, processing or storage, by bringing it all closer to the source.

With all these advantages, edge computing is becoming a matter of necessity, and according to Gartner[1], 75% of enterprise-generated data will be processed at the edge by 2025, compared to only 10% in 2018.

But with the many advantages that edge computing enables come new types of vulnerabilities. Centralised computing models and conventional approaches to IT security are not typically suited for this new, more distributed approach to networking. Cybercriminals are now presented with a much larger and more distributed attack surface. Considering that one device or endpoint at the edge could compromise the core of an entire network, edge computing requires new approaches to cybersecurity. With edge computing on the rise, these are some of the key edge security practices every organisation should consider.

The secure access service edge

As more organisations are moving to the cloud and edge computing platforms, they find themselves in an increasingly complex and distributed network environment that needs to be managed and secured remotely. This necessitates modern approaches to security that can reduce complexity, adapt dynamically and provide a centralised way of controlling and monitoring security across multiple locations.

The secure access service edge (SASE) model is the answer to this. SASE brings together wide-area networking (WAN) and network security functions into a single, cloud-delivered service model. This gives organisations greater control, transparency and consistency over their edge operations, enables multi-cloud networking and allows security functions to be adopted ‘as-a-service’. This relieves organisations from having to install security software and infrastructure at remote edge sites where there is no (or limited) IT staff.

The evolution of WAN

Today’s SASE approach is best represented by the convergence of SD-WAN with other network and security services. As the next evolution of WAN, a software-defined wide-area network (or SD-WAN) enables a centralised overview and control of an entire network, and allows organisations to leverage more advanced software-enabled capabilities. SD-WAN optimises bandwidth usage and reduces the complexity of edge environments – which may rely on various Internet service providers or be distributed across multiple clouds.

More importantly, it offers a wider range of integrated security features such as intrusion prevention systems, content filtering, anti-malware and geo-IP firewalling, and helps automate certain security functions. With centralised control and automation, SD-WAN makes it far easier for IT teams to monitor, control and update security across an entire network, in real time, from one place.

The Zero Trust approach

Traditionally, users and devices could be granted access to a network based on their location. Those within the core of a network or data centre could be trusted inherently as they are protected by rigorous on-premise security measures. But as organisations’ networks become more distributed, especially with more employees working from home, this approach to security no longer works. A Zero Trust security model is centred on the belief that no user or device can be trusted automatically. It demands various authentication steps to ensure each device is properly secured, and limits access to the minimum resources the user or devices need, and no more.

A defence-in-depth design

When one security mechanism fails, organisations need additional layers of security in place to limit the success of a cyberattack. Edge computing has many distributed nodes, which is why organisations should implement a defence-in-depth network (DDN) design that develops security zones with different defensive mechanisms for each zone. This should include a variety of mechanisms, such as intrusion detection systems (IDS), firewalls, data encryption and integrity solutions. Because multiple layers of security mean more complexity, organisations should also try standardising their security protocols and processes to simplify management and enable faster responses to threats.

Physical security is also often overlooked when it comes to securing each layer of a network. Since edge networks are more publicly accessible, it is important to have strong physical security measures that can prevent tampering or intrusion via the firmware of an edge device. Devices also need to be configured correctly, while being patched and tested for new vulnerabilities on a regular basis.

The importance of partnership

As organisations move to the cloud, expand their networks and bring computing closer to the edge, the growing complexity of a distributed and hybrid IT environment makes it more challenging for them to secure every aspect of their networks. As cybercriminals find new ways to infiltrate networks, it has become more important for businesses – big or small – to bolster their IT security at every level. But not every company has dedicated IT security teams or adequate security expertise to deal with all of today’s evolving threats. Those organisations should find a trusted partner in cybersecurity and networking to guide them and ensure that their digital transformation journey doesn’t come at the cost of compromising their business.

[1] (or via the short link:*gartner5).

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Enhanced cellular connectivity is critical for farm safety
Infrastructure Agriculture (Industry)
In South Africa, the safety of our rural communities, particularly on farms, is a pressing concern. Nearly 32% of South Africa’s 60 million people live in these areas, where security challenges are constantly in the spotlight.

All aspects of data protection
Technews Publishing Editor's Choice Information Security Infrastructure AI & Data Analytics
SMART Security Solutions spoke to Kate Mollett, Senior Director, Commvault Africa, about the company and its evolution from a backup specialist to a full data protection specialist, as well as the latest announcements from the company.

Revolutionising networking technology for the future
Infrastructure IoT & Automation
[Sponsored] In the fast-evolving landscape of networking technology, RUCKUS Networks stands out as a trailblazer, offering innovative solutions that redefine connectivity experiences across various industries.

Projections for 2024’s Advanced Threats Landscape
News & Events Information Security
Kaspersky Global Research and Analysis Team (GReAT) experts offer insights and projections for 2024 in the Kaspersky Security Bulletin, with a focus on the evolution of Advanced Persistent Threats (APT).

Edge could help transform South Africa’s healthcare
Axis Communications SA Infrastructure
Edge computing has emerged as a game-changing technology for many industries, and the healthcare sector is no exception. In particular, South Africa’s healthcare industry could significantly benefit from the potential of this technology.

Cloud platform for cyber resilience in the hybrid enterprise
The Commvault Cloud brings together data protection, security, intelligence, and recovery on one platform, offering AI capabilities to defeat cyber threats, and includes integration with Microsoft Azure OpenAI Service.

Trellix detects collaboration by cybercriminals and nation states
News & Events Information Security
Trellix has released The CyberThreat Report: November 2023 from its Advanced Research Centre, highlighting new programming languages in malware development, adoption of malicious GenAI, and acceleration of geopolitical threat activity.

SA enterprises can benefit from AI-driven cybersecurity
AI & Data Analytics Information Security
Cybercrime is big business, and threat actors deploy cutting-edge tools to carry out attacks. Fortunately, cybersecurity is constantly evolving to meet and counter the threats they face.

Rapid rise in DNS attacks drives demand for new approach
Infrastructure Risk Management & Resilience
As ransomware grows more sophisticated and DNS attacks become more frequent, businesses are increasingly trying to protect themselves by adopting innovative approaches and technologies to bolster the integrity and security of their backup systems.

Africa Online Safety Fund announces grant winners
News & Events Information Security
The Africa Online Safety Fund (AOSF) has announced the winners of this year’s grants; among them are five organisations operating in South Africa to educate people about online risks.