The new paradigm shift to the decentralization of data can be a benchmark for change in how organizations approach edge security.
Cyberattacks can exacerbate existing security vulnerabilities and expose new gaps at the edge, presenting IT and security personnel with a range of challenges. Infrastructure must withstand the vulnerabilities associated with the proliferation of devices generating, capturing and consuming data outside of the traditional data center. The need for a holistic cyber resilience strategy has never been greater – not only for protecting data at the edge, but also for consolidating the protection of all a company’s endpoints into centralized data centers and public clouds.
But before we dive into the benefits of a holistic cyber resilience framework, it might help to better understand why the edge is often susceptible to cyberattacks, and how following some proven security best practices can help improve edge defenses.
The impact of human error
Conventional IT wisdom says that security is only as strong as its weakest link: humans.
Human error can make the difference between a failed attack and one that causes application downtime, data loss, or financial loss. More than half of new enterprise IT infrastructure will be at the edge by 2023, according to IDC. Moreover, Gartner predicts that by 2025 75% of enterprise-generated data will be created and processed outside of a traditional data center or cloud.
The challenge is securing and protecting critical data in edge environments where the attack surface is growing exponentially and near-instantaneous access to data is a requirement.
With so much data coming and going from an organization’s endpoints, the role people play in ensuring its security is magnified. For example, if end users fail to practice basic cyber hygiene (by reusing passwords, opening phishing emails, or downloading malicious software), a cybercriminal could get the keys to the kingdom without anyone in IT knowing.
In addition to the risks associated with ignoring standard security protocols, end users can bring unapproved devices into the workplace, creating additional blind spots for the IT organization. And perhaps the biggest challenge is that edge environments are usually not staffed with IT administrators, so there is a lack of oversight of both the systems deployed at the edge and the people using them.
While capitalizing on data created at the edge is critical to growth in today’s digital economy, how can we overcome the challenge of securing a growing attack surface as cyber threats become more sophisticated and invasive than ever?
A multi-layered approach
It may seem like there are no simple answers, but organizations can start by addressing three fundamental elements of security and data protection: Confidentiality, Integrity, and Availability (CIA).
- Confidentiality: Data is protected from unauthorized observation or disclosure, whether in transit, in use or when stored.
- Integrity: Data is protected against alteration, theft or deletion by unauthorized attackers.
- Availability: Data is highly available only to authorized users, when needed.
In addition to applying CIA principles, organizations should consider adopting a multi-layered approach to protecting and securing infrastructure and data at the edge. This generally falls into three categories: the physical layer, the operational layer, and the application layer.
Physical layer
Data centers are built for physical security with a set of policies and protocols designed to prevent unauthorized access and physical damage or loss of IT infrastructure and the data stored therein. On the edge, however, servers and other IT infrastructure are likely to be located next to an assembly line, in a store’s warehouse, or even in the base of a streetlight. This makes data much more vulnerable at the edge, requiring hardened solutions to help ensure the physical security of the edge application infrastructure.
Best practices for physical security at the edge include:
- Monitoring infrastructure and devices throughout their entire lifecycle, from supply chain and factory to operation to disposal.
- Preventing systems from being modified or accessed without permission.
- Protecting vulnerable access points, such as open ports, from malicious parties.
- Preventing data loss if a device or system is stolen or tampered with.
Operational layer
In addition to physical security, IT infrastructure is subject to another set of vulnerabilities once it is operational at the edge. In the data center, the infrastructure is deployed and managed according to a series of tightly controlled processes and procedures. However, edge environments tend to lag behind on specific security software and necessary updates, including data protection. The sheer number of devices deployed and the lack of visibility into them make it difficult to secure endpoints compared to a centralized data center.
Best practices to consider for securing IT infrastructure at the edge include:
- Ensuring a secure startup for infrastructure from an uncompromised image.
- Controlling access to the system, such as locking ports to prevent physical access.
- Installing applications in a known safe environment.
Application layer
Once you get to the application layer, data protection is much like traditional data center security. However, the large amount of data transfer combined with the large number of endpoints inherent in edge computing opens up attack points as data travels between the edge, the core data center and the cloud and back.
Best practices to consider for application security at the edge include:
- Securing external connection points.
- Identifying and locking down exposures related to backup and replication.
- Ensuring that application traffic comes from known sources.
Recovering from the inevitable
While CIA and a layered approach to edge security can significantly reduce risk, successful cyberattacks are inevitable. Organizations need the assurance that they can quickly recover data and systems after a cyber attack. Recovery is a critical step in resuming normal business operations.
Sheltered Harbor, a non-profit organization founded to protect financial institutions – and the public’s trust in the financial system – has been advocating the need for cyber recovery plans for years. It recommends that organizations back up critical customer account data nightly, either by managing their own data vault or by engaging a participating service provider to do it on their behalf. In both cases, the data vault must be encrypted, immutable and completely isolated from the institution’s infrastructure (including all backups).
By transporting data at the edge to a regional data center or to the cloud through an automated, air-gapped solution, organizations can ensure its immutability for data trust. Once in the vault, it can be analyzed for proactive detection of any cyber risk to protected data. Preventing data loss and minimizing costly downtime with in-vault analysis and recovery tools can help ensure data integrity and speed recovery.
Backup-as-a-service
Organizations can address edge data protection and cybersecurity challenges by deploying and managing holistic, modern data protection solutions on-premises, at the edge, and in the cloud, or by leveraging Backup-as-a-Service (BaaS) solutions. Through BaaS, businesses large and small can take advantage of the flexibility and economies of scale of cloud-based backup and long-term retention to protect critical data at the edge, which can be especially important in remote work scenarios.
With BaaS, organizations have a greatly simplified environment for managing protection and security, as there is no data protection infrastructure to deploy or manage – it’s all delivered from the cloud. And with subscription-based services, IT stakeholders have a lower cost of entry and a predictable cost model for protecting and securing data across their edge, core, and cloud environments, giving them a virtual trifecta of protection, security, and compliance.
As part of a larger zero trust or other security strategy, organizations should consider a holistic approach that includes cybersecurity standards, guidelines, people, business processes, and technology solutions and services to achieve cyber resilience.
The threat of cyber-attacks and the importance of maintaining data confidentiality, integrity and availability require an innovative resilience strategy to protect vital data and systems – whether at the edge, core or multi-cloud.
Rob Emsley is director of product marketing for data protection at Dell Technologies.