- If your AI-generated code becomes faulty, who faces the most liability exposure?
- These discoutned earbuds deliver audio so high quality, you'll forget they're mid-range
- This Galaxy Watch is one of my top smartwatches for 2024 and it's received a huge discount
- One of my favorite Android smartwatches isn't from Google or OnePlus (and it's on sale)
- The Urgent Need for Data Minimization Standards
Improving Edge Computing Security in 2022 | The State of Security
More organizations are turning their eyes to edge computing as cloud adoption reaches new heights. Experts predict there will be 55 billion edge devices by 2022 as latency and resilience demands grow and 5G makes these networks possible. While this growth is impressive, it raises several security concerns.
Edge computing expands attack surfaces, and data centers lack the resources of traditional cloud infrastructure. If security approaches don’t shift to meet these new challenges, the edge may bring more risks than value.
Here are six ways companies can improve their security as companies prepare to expand their edge environments in 2022.
1. Zero-Trust Architecture
Another way edge environments can ensure security by design is to embrace a zero-trust approach. While many think of zero trust as a method of restricting user access, it applies to devices, too. Each edge device should only have access to what it absolutely needs, and even then, authenticate its identity before access.
Edge environments are too complex and full of endpoints to trust any network request. Implementing zero-trust security will ensure one endpoint doesn’t jeopardize the rest of the network. Zero-trust architecture also works well with SASE, as SASE provides the context necessary for situational authorization.
2. SASE
One of the most important security upgrades is secure access service edge (SASE) architecture. SASE brings wide-area networking (WAN) and network security services into a single cloud solution. This convergence gives organizations more transparency and control over their operations, which is essential for edge security.
Monitoring edge networks can be challenging given their distributed, endpoint-heavy nature. SASE makes it easier to look into and control these networks by reducing complexity and automating background security tasks. As IT sprawl rises and edge environments become increasingly complex, that benefit will become difficult to overlook.
Fewer than 1% of organizations had SASE strategies as of 2018, but Gartner predicts that figure to rise to 40% by 2024. As edge computing becomes more common, it may have to grow faster still.
3. Distributed Resiliency
Part of reliable cybersecurity is ensuring a network can continue functioning when a disruption occurs. Traditional data centers can ensure this resiliency through redundant on-premises infrastructure, but this isn’t an option for edge computing. That’s why nine out of 10 edge data center owners say that network-based distributed resiliency will become common in the next few years.
Distributed resiliency involves replicating data across multiple sites. That way, if one edge data center experiences disruption, the network can shift the workload to another center or across several. This setup lets these facilities mitigate disruptions and downtime without increasing their physical infrastructure.
4. Confidential Computing
As edge networks grow and handle more sensitive information, they should also employ confidential computing. This process encrypts data while in use, not just in storage or in transit. Since edge centers have limited infrastructure for securing their access and availability, this step is crucial for improving security.
Traditional computing methods leave data vulnerable right before, during, and immediately after processing, as they must decrypt it. Confidential computing uses hardware-based trusted execution environments (TEE) to lock this process behind encrypted doors, removing that vulnerability. If edge systems include these TEEs by design, they can scale without introducing security issues.
5. Standardization
One easily overlooked but critical part of edge computing security for 2022 is standardization. Since edge networks involve diverse endpoints with specific functions, they’re often eclectic and complex, making them difficult to manage. Standardizing security protocols and processes helps reduce this complexity, enabling faster responses.
Setting standard controls and security measures on the underlying cloud platform can help ensure consistency across the edge. When these networks become easier to manage, they become easier to secure. This standardization is also crucial for some of the edge’s most impressive applications.
Edge networks will likely prove essential for self-driving cars, but a delay of just 100 milliseconds is enough to cause a crash. By reducing complexity through standardization, edge environments can ensure faster data transmission and processing, preventing these accidents.
6. Physical Security
Edge computing adopters must also consider physical security. Organizations that move away from traditional data centers lose their privacy and access controls, even without realizing it. Since edge centers are more publicly accessible, they must include strong physical security controls.
Edge devices must include tamper-proof designs, locking mechanisms, and similar protections. Internal factors like hardware root of trust and ID authentication measures are also recommended. Since companies cannot continually monitor these locations, they must ensure no one can interfere with them through physical access.
Edge Computing Security Must Improve
The edge has the potential to revolutionize the world of cloud computing. However, companies must be careful not to overlook security considerations in their excitement to embrace this new technology. Edge security must improve before the edge becomes widespread.
These six steps provide a starting point for reliable edge security. Implementing these improvements will let organizations expand their edge environments without compromising cybersecurity.
About the Author: Devin Partida is a cybersecurity and data privacy writer whose work is regularly featured on Yahoo! Finance, Entrepreneur, AT&T’s cybersecurity blog, and other well-known industry publications. She is also the Editor-in-Chief of ReHack.com.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.