Security crisis at the network edge
It's important to acknowledge that security risks associated with edge computing are different to those of a centralised environment.
Sensitive data can be compromised in a variety of ways. It can be corrupted, destroyed, inappropriately accessed or simply lost. More often it is stolen.
Headlines were made when 87 million Facebook records were harvested by political data firm Cambridge Analytica through the use of an app that collected vital details about subscribers to the popular social media platform.
Even worse, a staggering 1.1 billion personal records (representing all the registered citizens in India) were stolen by an anonymous band of criminals who then put the sensitive information up for sale via WhatsApp.
Security specialists around the globe are warning of a significant escalation in the number of data breaches, and a sizable rise in the value of these attacks, in 2019.
As companies increasingly employ digital solutions to meet ever-expanding productivity, efficiency and quality of service objectives, so security vulnerabilities increasingly manifest within the network infrastructure.
With the advent of the Internet of things (IOT), pervasive mobility and growing cloud service adoption, the network has become more distributed, and the need for enhanced security is now at its highest level, particularly at the network edge which is singled out as the most vulnerable area.
It is at the network's edge where corporate employees, customers, partners and vendors all connect with one another and the world at large.
The network edge has become what is described as "an attack zone".
Also, in today's sophisticated networks, any number of embedded systems may be used to monitor and control critical infrastructure. The data they gather is often read by specialised, yet frequently unattended and unsupervised, devices at the network's edge.
Consequently, the network edge has become what is described as "an attack zone". With more than 30 billion IOT devices expected to be connected by 2020, progressively effective solutions will be required at the network edge to maintain the integrity of the overall network, the data it contains and the organisation(s) it serves.
The growth of cloud computing and the proliferation of IOT systems developed and deployed in the cloud have created a raft of new business opportunities. However, they have also resulted in a significant increase in the challenges associated with data management and security. This is mainly because configuration routines and policy management frameworks geared for traditional on-premises infrastructures have not mutated seamlessly in the cloud.
For example, in many cloud and hybrid cloud scenarios, network controls are often handed off to third-party providers. Unfortunately, these cloud providers are looming ever-larger as targets for malicious attacks including distributed denial-of-service (DDoS) attacks which are becoming more common.
An example of a devastating DDoS attack is the well-documented assault on the Domain Name Systems provider, Dyn. The event caused major Internet platforms and services to go down across large parts of Europe and North America. The attack was caused by compromised, remotely located security cameras enlisted by hackers to work as an army of bots to maliciously infiltrate some of the largest and most secure Internet sites in the world.
A respected research group predicts that by 2020, a $5 billion black market will form for fake sensor and video data able to be used to compromise the integrity of data from legitimate IOT devices.
It's important to acknowledge that security risks associated with edge computing are different to the risks associated with a centralised environment, such as the cloud, and thus must be addressed accordingly.
With the cloud, all data will likely be in a single or small number of locations. On the other hand, with edge computing, data is decentralised, which makes it much more challenging to secure. It has also been noted that while edge computing is a relatively new technology, many "old" problems remain. These include weak log-in credentials, zero-day vulnerabilities and a general lack of updates.
Nevertheless, many industry watchers are confident that steady advancements in areas such as the physical security of endpoints, authentication of connected devices and the connections between IOT devices, the central network and the cloud will collectively become the catalyst needed to create a far more secure network perimeter or "demilitarised zone".
The IOT Security Foundation (IOTSF), a collaborative, non-profit organisation with a mission "to raise the quality bar and drive the pervasiveness of security in IOT" has comprehensively studied device and data security breaches and their impact on privacy, business activity, infrastructure and safety.
The IOTSF's published analyses are able to assist industry professionals and end-users to equip IOT devices with adequate security for their intended use, and ensure they are deployed appropriately by network planners and managers.
In this light, organisations must make smart, strategic investments in both the network edge and cloud services to avoid security gaps and the increasing challenges emanating from entrenched poor practices.
In 2019, it will be more important than ever to take long-term business decisions designed to follow coherent security policies and best practice guidelines.
Paul Stuttard is a director of specialist distributor Duxbury Networking. Currently Cape-based, he has been with the company for 29 years and has extensive experience in the IT industry, particularly within the value-added distribution arena. His focus is on the formulation of future-oriented network optimisation strategies and business development objectives in collaboration with resellers and end-users in Southern Africa.