The rise of edge computing: What does it mean for cybersecurity?

Issue 7 2022 IT infrastructure, Cyber Security

Prenesh Padayachee.
Prenesh Padayachee.

As the number of users and devices connected at the edge of a network continues to grow, organisations are increasingly distributing their computing ability and network resources closer to where those users and devices are located. Rather than transferring data to and from one centralised data centre or the cloud, edge computing reduces response times, decreases bandwidth usage and maximises the real-time value of data for applications, processing or storage, by bringing it all closer to the source.

With all these advantages, edge computing is becoming a matter of necessity, and according to Gartner[1], 75% of enterprise-generated data will be processed at the edge by 2025, compared to only 10% in 2018.

But with the many advantages that edge computing enables come new types of vulnerabilities. Centralised computing models and conventional approaches to IT security are not typically suited for this new, more distributed approach to networking. Cybercriminals are now presented with a much larger and more distributed attack surface. Considering that one device or endpoint at the edge could compromise the core of an entire network, edge computing requires new approaches to cybersecurity. With edge computing on the rise, these are some of the key edge security practices every organisation should consider.

The secure access service edge

As more organisations are moving to the cloud and edge computing platforms, they find themselves in an increasingly complex and distributed network environment that needs to be managed and secured remotely. This necessitates modern approaches to security that can reduce complexity, adapt dynamically and provide a centralised way of controlling and monitoring security across multiple locations.

The secure access service edge (SASE) model is the answer to this. SASE brings together wide-area networking (WAN) and network security functions into a single, cloud-delivered service model. This gives organisations greater control, transparency and consistency over their edge operations, enables multi-cloud networking and allows security functions to be adopted ‘as-a-service’. This relieves organisations from having to install security software and infrastructure at remote edge sites where there is no (or limited) IT staff.

The evolution of WAN

Today’s SASE approach is best represented by the convergence of SD-WAN with other network and security services. As the next evolution of WAN, a software-defined wide-area network (or SD-WAN) enables a centralised overview and control of an entire network, and allows organisations to leverage more advanced software-enabled capabilities. SD-WAN optimises bandwidth usage and reduces the complexity of edge environments – which may rely on various Internet service providers or be distributed across multiple clouds.

More importantly, it offers a wider range of integrated security features such as intrusion prevention systems, content filtering, anti-malware and geo-IP firewalling, and helps automate certain security functions. With centralised control and automation, SD-WAN makes it far easier for IT teams to monitor, control and update security across an entire network, in real time, from one place.

The Zero Trust approach

Traditionally, users and devices could be granted access to a network based on their location. Those within the core of a network or data centre could be trusted inherently as they are protected by rigorous on-premise security measures. But as organisations’ networks become more distributed, especially with more employees working from home, this approach to security no longer works. A Zero Trust security model is centred on the belief that no user or device can be trusted automatically. It demands various authentication steps to ensure each device is properly secured, and limits access to the minimum resources the user or devices need, and no more.

A defence-in-depth design

When one security mechanism fails, organisations need additional layers of security in place to limit the success of a cyberattack. Edge computing has many distributed nodes, which is why organisations should implement a defence-in-depth network (DDN) design that develops security zones with different defensive mechanisms for each zone. This should include a variety of mechanisms, such as intrusion detection systems (IDS), firewalls, data encryption and integrity solutions. Because multiple layers of security mean more complexity, organisations should also try standardising their security protocols and processes to simplify management and enable faster responses to threats.

Physical security is also often overlooked when it comes to securing each layer of a network. Since edge networks are more publicly accessible, it is important to have strong physical security measures that can prevent tampering or intrusion via the firmware of an edge device. Devices also need to be configured correctly, while being patched and tested for new vulnerabilities on a regular basis.

The importance of partnership

As organisations move to the cloud, expand their networks and bring computing closer to the edge, the growing complexity of a distributed and hybrid IT environment makes it more challenging for them to secure every aspect of their networks. As cybercriminals find new ways to infiltrate networks, it has become more important for businesses – big or small – to bolster their IT security at every level. But not every company has dedicated IT security teams or adequate security expertise to deal with all of today’s evolving threats. Those organisations should find a trusted partner in cybersecurity and networking to guide them and ensure that their digital transformation journey doesn’t come at the cost of compromising their business.

[1] https://www.gartner.com/smarterwithgartner/what-edge-computing-means-for-infrastructure-and-operations-leaders (or via the short link: www.securitysa.com/*gartner5).





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Industrial control systems under attack
News Cyber Security
According to Kaspersky ICS CERT statistics, from January to September 2022, 38% of computers in the industrial control systems (ICS) environment in the META region were attacked using multiple means.

Read more...
ALM a key element of data security
IT infrastructure
ALM is core to any data security framework in the digital age and it is an element that no business can afford to be careless with.

Read more...
Integrate, integrate, integrate
IT infrastructure
Security and speed will always war for dominance in DevOps but it’s time to integrate the two as the landscape becomes increasingly fractious and complex.

Read more...
Sasol ensures Zero Trust for SAP financials with bioLock
Technews Publishing Editor's Choice Cyber Security Security Services & Risk Management
Multi-factor authentication, including biometrics, for SAP Financials from realtime North America prevents financial compliance avoidance for Sasol.

Read more...
The benefits of Managed File Transfer
IT infrastructure Products
Blue Turtle Technologies looks into how a Managed File Transfer platform benefits businesses, as opposed to the usual FTP or SFTP suspects.

Read more...
Accelerating your Zero Trust journey in manufacturing
IT infrastructure Cyber Security Industrial (Industry)
Francois van Hirtum, CTO of Obscure Technologies, advises manufacturers on a strategic approach to safeguarding their businesses against cyber breaches.

Read more...
Cyber resilience is more than cybersecurity
Technews Publishing Editor's Choice Cyber Security Integrated Solutions IT infrastructure
Hi-Tech Security Solutions held a round-table discussion focusing on cyber resilience and found that while the resilience discipline includes cybersecurity, it also goes much further.

Read more...
Keeping devices in check
Cyber Security Asset Management, EAS, RFID IT infrastructure
Kaspersky patents new technology for analysing relationships between electronic devices to counter cyberattacks launched through connected IoT devices.

Read more...
IQ WiFi 6 supporting users and security installers
IT infrastructure Products
The IQ WiFi 6 is a new purpose-built mesh router solution for homes and businesses with security, automation and Wi-Fi devices.

Read more...
Considering cloud downtime insurance?
Arcserve Southern Africa Cyber Security IT infrastructure Security Services & Risk Management
Byron Horn-Botha, business unit head, Arcserve Southern Africa, reveals three vital steps that you must consider to ensure business continuity before you buy insurance.

Read more...