Edge computing security risks and how to overcome them

2 minute read

Updated:

Edge computing deploys computing resources outside the data center that is closer to end devices, such as IoT elements. This leads to the loss of the physical security of the data center, as well as the network and data security measures that are applied by the software/ hardware that reside in the data center.

πŸ’‘ This article sums the benefits and risks associated with edge computing, as well as best practices for edge security and recommendations on vendors and products.

Benefits of Edge’s Network Security

  • It provides local encryption and other security features - Inexpensive IoT sensors lack of security features, and edge computing can secure this traffic at a low cost.
  • It can isolate local devices from denial-of-service-attacks (DoS) by effectively removing them from direct connections to the internet.

Edge Computing Risks

  1. Data storage, backup and protection risks
    • If the edge device is stole entirely, it might be difficult or impossible to back up / restore critical files because EC is limited with local resources.
  2. Password and authentication risks
    • Maintaining the edge systems might not be supported by IT professionals who are securely conscious - which leads to the encouragement of lax password discipline.
    • Edge systems might not employ strong authentication measures such as two-factor authentication, for the convenience of users/ administrators.
  3. Perimeter defense risks
    • Edge computing expands the IT perimeter - edge systems might have to authenticate their application with partner apps in the data center.
    • It then stores the credentials at the edge - the breach of edge security might lead to a more significant security breach.

Best Practices for EC security

  1. Use access control and surveillance to enhance the physical security at the edge
  2. Control edge configuration and operation from central IT operations
  3. Establish audit procedures to control data and app hosting changes at the edge
  4. Apply the highest level of network security between device
  5. Treat the edge as a part of the public cloud portion.
  6. Monitor and log all edge activity, particularly activity relating to operations and configuration.

Key edge security vendors and products

  • Security/firewall products from the major vendors - Cisco, Juniper, Palo Alto Networks - can help protect the edge from attack.
  • Application control and security at the edge should be a function of IT operations tools, including DevOps – Chef, Puppet, Ansible – and container orchestration tools such as Kubernetes.
  • Popular monitoring tools include Argus, Nagios and Splunk.
  • Specific support for intrusion detection and prevention is available from tools such as SolarWinds Security Event Manager, OSSEC, Snort and Suricata.
  • A good problem-tracking and management system is essential for edge computing, including OSSEC, Tripwire and Wazuh.

Resources

Leave a comment