The rise of edge computing: What does it mean for cybersecurity?

Issue 7 2022 Infrastructure, Information Security

Prenesh Padayachee.
Prenesh Padayachee.

As the number of users and devices connected at the edge of a network continues to grow, organisations are increasingly distributing their computing ability and network resources closer to where those users and devices are located. Rather than transferring data to and from one centralised data centre or the cloud, edge computing reduces response times, decreases bandwidth usage and maximises the real-time value of data for applications, processing or storage, by bringing it all closer to the source.

With all these advantages, edge computing is becoming a matter of necessity, and according to Gartner[1], 75% of enterprise-generated data will be processed at the edge by 2025, compared to only 10% in 2018.

But with the many advantages that edge computing enables come new types of vulnerabilities. Centralised computing models and conventional approaches to IT security are not typically suited for this new, more distributed approach to networking. Cybercriminals are now presented with a much larger and more distributed attack surface. Considering that one device or endpoint at the edge could compromise the core of an entire network, edge computing requires new approaches to cybersecurity. With edge computing on the rise, these are some of the key edge security practices every organisation should consider.

The secure access service edge

As more organisations are moving to the cloud and edge computing platforms, they find themselves in an increasingly complex and distributed network environment that needs to be managed and secured remotely. This necessitates modern approaches to security that can reduce complexity, adapt dynamically and provide a centralised way of controlling and monitoring security across multiple locations.

The secure access service edge (SASE) model is the answer to this. SASE brings together wide-area networking (WAN) and network security functions into a single, cloud-delivered service model. This gives organisations greater control, transparency and consistency over their edge operations, enables multi-cloud networking and allows security functions to be adopted ‘as-a-service’. This relieves organisations from having to install security software and infrastructure at remote edge sites where there is no (or limited) IT staff.

The evolution of WAN

Today’s SASE approach is best represented by the convergence of SD-WAN with other network and security services. As the next evolution of WAN, a software-defined wide-area network (or SD-WAN) enables a centralised overview and control of an entire network, and allows organisations to leverage more advanced software-enabled capabilities. SD-WAN optimises bandwidth usage and reduces the complexity of edge environments – which may rely on various Internet service providers or be distributed across multiple clouds.

More importantly, it offers a wider range of integrated security features such as intrusion prevention systems, content filtering, anti-malware and geo-IP firewalling, and helps automate certain security functions. With centralised control and automation, SD-WAN makes it far easier for IT teams to monitor, control and update security across an entire network, in real time, from one place.

The Zero Trust approach

Traditionally, users and devices could be granted access to a network based on their location. Those within the core of a network or data centre could be trusted inherently as they are protected by rigorous on-premise security measures. But as organisations’ networks become more distributed, especially with more employees working from home, this approach to security no longer works. A Zero Trust security model is centred on the belief that no user or device can be trusted automatically. It demands various authentication steps to ensure each device is properly secured, and limits access to the minimum resources the user or devices need, and no more.

A defence-in-depth design

When one security mechanism fails, organisations need additional layers of security in place to limit the success of a cyberattack. Edge computing has many distributed nodes, which is why organisations should implement a defence-in-depth network (DDN) design that develops security zones with different defensive mechanisms for each zone. This should include a variety of mechanisms, such as intrusion detection systems (IDS), firewalls, data encryption and integrity solutions. Because multiple layers of security mean more complexity, organisations should also try standardising their security protocols and processes to simplify management and enable faster responses to threats.

Physical security is also often overlooked when it comes to securing each layer of a network. Since edge networks are more publicly accessible, it is important to have strong physical security measures that can prevent tampering or intrusion via the firmware of an edge device. Devices also need to be configured correctly, while being patched and tested for new vulnerabilities on a regular basis.

The importance of partnership

As organisations move to the cloud, expand their networks and bring computing closer to the edge, the growing complexity of a distributed and hybrid IT environment makes it more challenging for them to secure every aspect of their networks. As cybercriminals find new ways to infiltrate networks, it has become more important for businesses – big or small – to bolster their IT security at every level. But not every company has dedicated IT security teams or adequate security expertise to deal with all of today’s evolving threats. Those organisations should find a trusted partner in cybersecurity and networking to guide them and ensure that their digital transformation journey doesn’t come at the cost of compromising their business.

[1] https://www.gartner.com/smarterwithgartner/what-edge-computing-means-for-infrastructure-and-operations-leaders (or via the short link: www.securitysa.com/*gartner5).





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

AI and ransomware: cutting through the hype
AI & Data Analytics Information Security
It might be the great paradox of 2024: artificial intelligence (AI). Everyone is bored of hearing it, but we cannot stop talking about it. It is not going away, so we had better get used to it.

Read more...
NEC XON shares lessons learned from ransomware attacks
NEC XON Editor's Choice Information Security
NEC XON has handled many ransomware attacks. We've distilled key insights and listed them in this article to better equip companies and individuals for scenarios like this, which many will say are an inevitable reality in today’s environment.

Read more...
iOCO collaboration protection secures Office 365
Information Security Infrastructure
The cloud, in general, and Office 365, in particular, have played a significant role in enabling collaboration, but it has also created a security headache as organisations store valuable information on the platform.

Read more...
Smart mining operations management
Mining (Industry) Infrastructure IoT & Automation
In his presentation at the recent MESA Africa conference, Neels van der Walt, Business Development Manager at Iritron, revealed the all-encompassing concept of SMOM (Smart Mining Operations Management) and why it is inextricably linked to the future of worldwide mining operations.

Read more...
Do you need a virtual CIO?
Editor's Choice News & Events Infrastructure
If you have a CIO, rest assured that your competitors have noticed and will come knocking on their door sooner or later. A Virtual CIO service is a compelling solution for businesses navigating tough economic conditions.

Read more...
The TCO of cloud surveillance
DeepAlert Verifier Technews Publishing Surveillance Infrastructure
SMART Security Solutions asked two successful, home-grown cloud surveillance operators for their take on the benefits of cloud surveillance to the local market. Does cloud do everything, or are there areas where onsite solutions are preferable?

Read more...
Cybersecurity and AI
AI & Data Analytics Information Security
Cybersecurity is one of the primary reasons that detecting the commonalities and threats of what is otherwise completely unknown is possible with tools such as SIEM and endpoint protection platforms.

Read more...
Cyber resilience – protect, defend, recover
Infrastructure
The challenge with AI is that threats are getting harder to detect. As a result, plans in 2024 are not just about detection and prevention, but about recovery.

Read more...
Powering business resilience and field operations
Infrastructure Products & Solutions
[Sponsored] The Anker 757 Portable Power Station emerges as a strategic asset for businesses looking to overcome power instability and the demand for operational efficiency in remote and field-based environments.

Read more...
Top bets for backup and business continuity
Infrastructure
Become your organisation’s data pioneer and spearhead data governance and protection of critical data. Challenge why best practices are not adopted or in place, while highlighting the inherent risks this poses.

Read more...