As the number of users and devices connected at the edge of a network continues to grow, organisations are increasingly distributing their computing ability and network resources closer to where those users and devices are located. Rather than transferring data to and from one centralised data centre or the cloud, edge computing reduces response times, decreases bandwidth usage and maximises the real-time value of data for applications, processing or storage, by bringing it all closer to the source.
With all these advantages, edge computing is becoming a matter of necessity, and according to Gartner[1], 75% of enterprise-generated data will be processed at the edge by 2025, compared to only 10% in 2018.
But with the many advantages that edge computing enables come new types of vulnerabilities. Centralised computing models and conventional approaches to IT security are not typically suited for this new, more distributed approach to networking. Cybercriminals are now presented with a much larger and more distributed attack surface. Considering that one device or endpoint at the edge could compromise the core of an entire network, edge computing requires new approaches to cybersecurity. With edge computing on the rise, these are some of the key edge security practices every organisation should consider.
The secure access service edge
As more organisations are moving to the cloud and edge computing platforms, they find themselves in an increasingly complex and distributed network environment that needs to be managed and secured remotely. This necessitates modern approaches to security that can reduce complexity, adapt dynamically and provide a centralised way of controlling and monitoring security across multiple locations.
The secure access service edge (SASE) model is the answer to this. SASE brings together wide-area networking (WAN) and network security functions into a single, cloud-delivered service model. This gives organisations greater control, transparency and consistency over their edge operations, enables multi-cloud networking and allows security functions to be adopted ‘as-a-service’. This relieves organisations from having to install security software and infrastructure at remote edge sites where there is no (or limited) IT staff.
The evolution of WAN
Today’s SASE approach is best represented by the convergence of SD-WAN with other network and security services. As the next evolution of WAN, a software-defined wide-area network (or SD-WAN) enables a centralised overview and control of an entire network, and allows organisations to leverage more advanced software-enabled capabilities. SD-WAN optimises bandwidth usage and reduces the complexity of edge environments – which may rely on various Internet service providers or be distributed across multiple clouds.
More importantly, it offers a wider range of integrated security features such as intrusion prevention systems, content filtering, anti-malware and geo-IP firewalling, and helps automate certain security functions. With centralised control and automation, SD-WAN makes it far easier for IT teams to monitor, control and update security across an entire network, in real time, from one place.
The Zero Trust approach
Traditionally, users and devices could be granted access to a network based on their location. Those within the core of a network or data centre could be trusted inherently as they are protected by rigorous on-premise security measures. But as organisations’ networks become more distributed, especially with more employees working from home, this approach to security no longer works. A Zero Trust security model is centred on the belief that no user or device can be trusted automatically. It demands various authentication steps to ensure each device is properly secured, and limits access to the minimum resources the user or devices need, and no more.
A defence-in-depth design
When one security mechanism fails, organisations need additional layers of security in place to limit the success of a cyberattack. Edge computing has many distributed nodes, which is why organisations should implement a defence-in-depth network (DDN) design that develops security zones with different defensive mechanisms for each zone. This should include a variety of mechanisms, such as intrusion detection systems (IDS), firewalls, data encryption and integrity solutions. Because multiple layers of security mean more complexity, organisations should also try standardising their security protocols and processes to simplify management and enable faster responses to threats.
Physical security is also often overlooked when it comes to securing each layer of a network. Since edge networks are more publicly accessible, it is important to have strong physical security measures that can prevent tampering or intrusion via the firmware of an edge device. Devices also need to be configured correctly, while being patched and tested for new vulnerabilities on a regular basis.
The importance of partnership
As organisations move to the cloud, expand their networks and bring computing closer to the edge, the growing complexity of a distributed and hybrid IT environment makes it more challenging for them to secure every aspect of their networks. As cybercriminals find new ways to infiltrate networks, it has become more important for businesses – big or small – to bolster their IT security at every level. But not every company has dedicated IT security teams or adequate security expertise to deal with all of today’s evolving threats. Those organisations should find a trusted partner in cybersecurity and networking to guide them and ensure that their digital transformation journey doesn’t come at the cost of compromising their business.
[1] https://www.gartner.com/smarterwithgartner/what-edge-computing-means-for-infrastructure-and-operations-leaders (or via the short link: www.securitysa.com/*gartner5).
© Technews Publishing (Pty) Ltd. | All Rights Reserved.
printer friendly version