Maksim Kabakou - Fotolia

Security Think Tank: Beware security blind spots at the edge

That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model?

Jordon Kelly
By
  • Jordon Kelly, ISF

While the traditional idea of the centralised datacentre is not going anywhere anytime soon, there is growing recognition that the way in which organisations process, store and analyse data is changing. The operating models of many organisations now point to the requirement for a decentralised approach, with many moving to the cloud to best meet the needs of the business.

Edge computing refers to the decentralised processing of data by devices located on the periphery, or “edge”, of a specific network environment. Using a web of interconnected devices across an expansive geographic area, edge computing provides a decentralised alternative to the traditional model of processing data in a central location.

The re-emergence of what is now referred to as edge computing is largely due to the growing prevalence of the internet of things (IoT), and the need for real-time data processing with minimal latency. Edge computing has been heavily adopted in sectors such as renewable energy, manufacturing, agriculture, defence and automotive. Because of the requirement for near-instantaneous processing, the demand for a decentralised architecture will only increase in the coming years.

With more and more physical devices dispersed across a greater number of locations – all connected but with the ability to process, store and analyse data independently – security professionals are presented with a far broader threat landscape.

Edge computing and associative technologies make it increasingly difficult for security professionals to carry out initiatives such as security monitoring, which creates security blind spots. This provides ample opportunity for threat actors, including nation states, hacktivists and hackers, to target edge computing devices and carry out attacks to steal valuable IP or commit acts of espionage.

There is, however, light at the end of the tunnel, or perhaps more aptly, the edge of the network. There are several actions that security professionals can begin implementing to better secure edge computing architecture and devices:

  • Carry out a thorough information risk assessment to determine the potential risks of implementing a decentralised operating model versus a centralised solution to data processing.
  • Update security policies and processes to incorporate edge computing, and consider creating a hybrid security approach that incorporates both cloud and edge computing.
  • Create and maintain a secure architectural framework for edge computing.
  • Review physical security processes and procedures and identify potential points of failure that could be introduced through edge computing solutions and mesh networks.
  • Identify blind spots in security event and network management systems that may cause attacks against edge computing devices to go undetected.
  • Create network segmentation and isolation protocols to reduce the impact of a cyber attack and the potential spread of malicious software across the wider mesh and corporate network.
  • Provide security specialists, such as SOC staff, with training to cover the monitoring of edge computing solutions and response to edge computing-related threats.
  • Implement regular and in-depth penetration testing on edge computing environments, including hardware components.

This list is by no means exhaustive, but it provides a number of considerations for how organisations can protect their investment in edge computing as a decentralised solution for data processing, storage and analysis.

We can expect this trend to grow in popularity as more organisations realise the greater opportunities that edge computing offers in terms of supporting innovative technologies that rely on high-speed, near-instantaneous connectivity.

Content Continues Below

Read more on Cloud security

Start the conversation

Send me notifications when other members comment.

SearchCIO

  • 5 ways to keep developers happy so they deliver great CX

    Companies need to work on ensuring their developers are satisfied with their jobs and how they're treated, otherwise it'll be ...

  • Link software development to measured business value creation

    Companies must balance customer needs against potential risks during software development to ensure they aren't ignoring security...

  • 5 digital transformation success factors for 2021

    With the right planning, leadership and skills, companies can use digital transformation to drive improved revenues and customer ...

SearchSecurity

  • 8 benefits of a security operations center

    A security operations center can help lessen the fallout of a data breach, but its business benefits go much further than that. ...

  • Weighing remote browser isolation benefits and drawbacks

    Remote browser isolation benefits end-user experience and an organization's network security. Compare the pros, cons and cost ...

  • Compare 5 SecOps certifications and training courses

    Explore five SecOps certifications available to IT professionals looking to demonstrate and enhance their knowledge of threat ...

SearchNetworking

  • Network pros share Cisco DevNet certification advice

    Cisco DevNet certifications require a lot of time investment, but network pros who pursue the certifications say the gained ...

  • Cloud automation use cases for managing and troubleshooting

    Cloud automation use cases highlight the benefits these tools can provide to companies evaluating how best to manage and ...

  • A look inside the official Cisco DEVASC 200-901 guidebook

    In this book excerpt, readers can explore the Cisco DEVASC 200-901 official guide and get a flavor of one of Cisco's newest exams...

SearchDataCenter

  • Avoid server overheating with ASHRAE data center guidelines

    Finding the right server operating temperature can be tricky. ASHRAE standards provide guidance for all server classes and what ...

  • Hidden colocation cost drivers to look out for in 2021

    These unexpected charges and fees can balloon colocation costs for enterprise IT organizations.

  • 5 ways a remote hands data center ensures colocation success

    Off-site hardware upkeep can be tricky and time-consuming. With remote hands options, your admins can delegate routine ...

SearchDataManagement

  • IBM to deliver refurbished Db2 for the AI and cloud era

    IBM has a tuned-up version of Db2 planned, featuring a handful of AI and machine learning capabilities to make it easier for ...

  • Fauna improves data API collaboration and security

    A database company founded by former Twitter engineers is pushing forward its vision of a way to consume database as a service ...

  • Yellowbrick data warehouse update boosts workload management

    Hybrid cloud data warehouse vendor updates platform with self-healing cluster capabilities and a "penalty box" feature to improve...

Close