How can the operational benefits of extensive adoption of the edge computing be matched with a security strategy that considers the company as a whole? Lucy Kerner, director of Security Global Strategy and Evangelism of Red Hat explains this to us
Despite being a relatively new technological term, the concept of edge computing has already been established. It didn’t take long for companies to understand the advantages of the ability to perform computing activities right where applications are running, and the speed is definitely the most obvious. Software operates faster if they do not have to reach a data center located hundreds, even thousands, miles away and, for companies where even milliseconds count , we think about high-frequency financial trading, automated vehicles and device monitoring
Moreover, even where latency is appreciable, but not critical , as in the case of content streaming, manufacturing and intelligent public services , today’s
The all-up race has begun. By 2022, it is estimated that 55 billion edge devices will be on the market. By 2025, this figure is expected to grow to 150 billion and beyond if the impact of remote working practices of the COVID era is taken into account. We talk about devices available in multiple shapes and sizes, from IoT sensors to Internet routers, from wearable technology to factory robots.
But not everyone is thrilled. For years, companies have been taught that IT security depends on centralization of operations. Whatever is outside the perimeter therefore seems intuitively risky, especially because more external devices involve a greater attack surface and, even if everyone can constitute a mini-environment, nobody is isolated since at some point it will have to send data and information to data centers
How can companies reconcile these risks of edge computing with its irrefutable benefits? The answer lies in addressing security as part of a holistic strategy where the edge is not an enemy and the security inherent in architecture from the beginning. This will simply extend your environment, safe and resilient, and security will enable rather than compromise.
In this context, there are two decisive aspects: the systems operating in the edge and the network connecting these to each other and to the main systems. Consistency is the key to both. If standard security protocols and processes make everything easier to manage, and therefore safer, the best edge devices tend to be built with a very specific task in mind and often come from different suppliers.
Implementing them is a symptom of eclecticism by design, the opposite of standardization, and to adopt a common platform on which to build the edge stack as an extension of its main infrastructure you need to take a step towards the hybrid cloud.
This is where the standards of security, operating system, ID and access controls, vulnerability management and data encryption are established to name a few; and all in line with the container and Kubernetes toolkits used to maintain innovation in the
Then comes network security. Companies increasingly use third-party SD-WAN technology to manage their expanding networks; but they should devolve it to MSSP (Managed Security Service Provider) experts who are building SASE (Secure Access Service Edge) solutions. As a result, they disassemble the wrong idea that the edge computing means giving up central control, allowing security teams to look at their entire network in a unified vision. From this central console, any aspect of security policy, threat prevention and remediation can be defined, monitored and executed. Coherence is combined with automation to further improve posture and l’edge security is transformed from perimeter activity dislocated into one of the fundamental principles of a strategy.
Companies should therefore see these two aspects If this happens, there is no limit to how far the edge can go.