Paul Mazzucco is Chief Security Officer for TierPoint.
Industrial applications that leverage the Internet of Things (IoT), 5G, and artificial intelligence (AI) often require response times than can’t be realized under a traditional model of transmitting data to a centralized data center for processing before it’s returned to the user.
As a result, data center providers now have clients demanding geolocation for lower latency. By moving workloads closer to the point of use, often referred to as ‘the edge,’ providers can drive down latencies and expand their use of technology to applications that require near-instantaneous data gathering and processing. Effectively leveraging edge computing, however, is not without its risks, and businesses will need to adjust their IT security strategy to reduce their exposure.
Three Ways Edge Computing Can Put Your Data at Risk
While security professionals are always responding to new types of attacks with new technologies, the vulnerability calculus remains relatively straightforward: New devices and processes often have data content delivery and efficiency as their primary mandates, rather than security.
Bots. Because 5G networks offer lower latencies, organizations will find more ways to leverage edge devices, and the number of connected devices will continue to grow exponentially. A lot of edge computing is happening through Application Programming Interfaces or APIs. Unfortunately, more than 70 percent of edge devices don’t mandate authentication for third-party APIs, and more than 60 percent don’t encrypt data natively. This lack of control makes these devices easy targets for hackers who can not only steal data directly from the devices but also infect them with malicious code or ‘bots.’
Distributed Denial of Service (DDoS). If the objective of an attack isn’t carried out immediately, an infestation of your edge devices could go unnoticed for months or even years. For example, the sole purpose of the bots infecting devices may be to carry out a DDoS attack against your or someone else’s systems at a later date. And 5G networks will allow attackers to carry out these delayed attacks with amazing speed and efficiency.
AI and Machine Learning. The exponential rise of IoT devices in the last few years is just the tip of the exploitation spear. Bad actors are using well-funded machine learning labs to make their attacks more efficient and profitable. As a result, connected devices may be more infected than we realize and with far more malicious malware than we appreciate. Bots are now intelligent enough to analyze what they ‘see’ so they can create more powerful ways of targeting your systems. Just because ‘bot armies’ haven’t been mobilized yet, doesn’t mean they aren’t ready to go, at the push of a button.
Best Practices for Protecting Your Systems and Data
Here are a few important ways you can protect your systems and data from edge security threats.
Extend your perimeter. With so much data stored and handled at the edge, organizations must extend their security perimeter by deploying to edge devices volumetric flood DDoS, advanced Layer 7 and bot protections. While the bad guys are using AI and machine learning to improve the efficacy of their attacks, many of the newer security applications and tools also use AI and machine learning to better understand attack behaviors, thus strengthening security against future attacks. Understanding bot traffic, looking at encrypted net flows, and quickly writing behavioral protections to edge devices are all being done now with advanced neural networks and AI labs.
Reinforce your security. Make sure you have next-generation security appliances and the ability to employ autonomous protection strategies. Software defined networks and the mandates for faster data delivery at the edge have forced the next generation of firewalls and other protection services to be faster and smarter. But the edge is not where that system fortification stops. Using end-point protection services (e.g., antivirus) and malware protections – along with real-time system monitoring in a SIEM tool – will enable better decisions in response to real-time attacks.
Apply general security fundamentals to stay ahead of new threats. Remember your fundamentals. Although edge computing creates a larger attack surface, creating the opportunity for bot armies to launch increasingly sophisticated attacks, basic security fundamentals still apply. For example, you should ensure your data is properly encrypted, whether it’s at rest (on your device or in your data center) or in motion (in transit). Compliance violations and security breaches due to the theft of devices containing unencrypted data happen every day.
Opinions expressed in the article above do not necessarily reflect the opinions of Data Center Knowledge and Informa.
Industry Perspectives is a content channel at Data Center Knowledge highlighting thought leadership in the data center arena. See our guidelines and submission process for information on participating.