Why the Adoption of Edge Computing Demands a New Approach to Data Security

“The edge will eat the cloud.” That’s according to Tom Bittman of Gartner, who made the prediction earlier this year as a result of the proliferation of the Internet of Things (IoT) devices forcing the connected world to centralize IT and data management.

Edge computing is defined as moving data processing power to the “edge” of a network, rather than transmitting it to the cloud or a central data warehouse to be analyzed and is taking shape in industries where inter-connected devices are becoming commonplace and data needs to be processed more efficiently.

Reaching new data horizons 
The automotive and manufacturing industries are already some of the biggest players to benefit from edge computing. They are implementing multiple IoT sensors into autonomous vehicles to detect movement in their surroundings and condition of the car’s features, such as a broken part that needs to be fixed to make servicing more efficient or a monitoring fuel use so that the best route can be taken.

Feeding this data through a network to a central data center or cloud system can be time consuming, which results in latency and even the potential of data loss.

Processing this information at the edge allows for faster response times and consistent data collection, suffering fewer interruptions over what would usually be a busy network. The same goes for connected cars, which are expected to send 25 gigabytes (GB) of data to the cloud every hour, according to Hitachi. The ability to edge compute will allow automotive organizations to analyze this data more efficiently, by processing it locally in real-time at its collection point.

Beyond automotive, the use of edge computing has benefits as far reaching as civil law enforcement. Research from Cambridge University has shown that police body cameras can “dramatically reduce the number of complaints against officers”. The results of this experiment, which saw complaints against officers fall 93% over 12 months compared with the year before, will lead to a rise in their use across police departments.

The increased roll out of body cameras in police forces calls for the use of edge computing. For example, edge computing would allow for an officer’s video feed to be compressed and encoded locally, sending short bursts of video to a local edge center. The upload process would be faster and reduce pressure on a central network, thereby minimizing the chances of data loss or damage. 

Retail point of sale (PoS) machines, used for receiving payments, could also see advantages from using edge computing. The process of sending credit card data to an edge computer removes the need to send sensitive information across a network and potentially exposing it to more vulnerabilities and threats. 

Encrypting the edge 
Crucially, the security implications of edge computing must be factored into an organization’s plans to use it. What some may not realize, is that it has the potential to simplify security management, because the organization has a clear idea of where the data is coming from and where it is going. If everything is being sent to a central data center or a cloud system, the high volumes of traffic can be hard to monitor for a business that doesn’t have enough resource to do so. Cyber- criminals can take advantage of this by intercepting the data unnoticed. 

However, the multiple sensors that are now collecting and sending data will increase the attack surface for an organization, with more points to be secured. Businesses need to have strong patch management in place that can be replicated quickly and rolled out to the different sensors collecting and sending data.

There is a misconception that hackers won’t go after these specific sensors, but hackers can use holes that haven’t been patched as a way of getting into an organization’s network under the radar. What’s more, once they can do this for one device, they can often use the same flaw to access data on hundreds, thousands or potentially even millions of others. 

Having the systems in place to allow companies to look inside of these connections, without interrupting them, is essential to ensure anything malicious has not been planted in them. Companies are also advised to encrypt the connections used for data transportation so that the data is rendered useless if a hacker manages to intercept it.

The increased efficiencies of edge computing must be balanced with strong security controls over the larger attack surface. This can be achieved through protecting and controlling the traffic, managing applications and touchpoints with a central system and SSL termination and content inspection – i.e. decrypting, inspecting, and re-encrypting all SSL traffic to and from their cloud applications and edge computing stations.

The growth in connected devices is pushing the industry to find more efficient ways to manage and analyze this new magnitude of data. We may soon start to witness the edge “eating” the cloud as the industry looks for a suitable, standardized way to manage the troves of data being produced by an increasingly inter-connected world. 

What’s Hot on Infosecurity Magazine?