
Defending the Edge Frontier with AI EdgeLabs

Edge computing is about to solve IT’s negative user-experience problem. Edge computing’s set-up of decentralized servers and instant data processing will be the key to power real-time analytics and boost response time of applications. But, according to experts, there is a threshold it needs to cross before it becomes the next cloud.

As IT powerhouses and boutique vendors make a beeline to push their brands of edge solutions into the market, a backdrop of insidious cyberattacks looms large, making one wonder – what risks await at the edge, and what will security be like when edge computing becomes the standard?

A Tinderbox Situation

Edge computing is a distributed computing model where significant processing happens at the edge where data is generated. This is a diversion from the practice of sending data from devices to the centralized servers in the cloud, and back to the devices again – a process that results in significant loss of time in data transport, and long latencies at the users’ end.

The idea of moving computing out to the edge has huge payoffs, not just in the way enterprises do computing, but also in the way users are connected to the applications. For time-critical applications that demand instant results, edge computing provides a smart workaround, and in many respects, is believed to be critical to the success and spread of technologies like IoT and AI.

But the edge is not without challenges of its own. Unlike the cloud, which operates out of safe datacenter environments, the edge is everywhere – in outer space, under the ocean, in the middle of the desert, on mountain tops, and in parts of the world poorly served by the Internet. Many of these environments are uncontrolled, and vulnerable to physical tampering and remote attacks.

Gestalt IT met with Virgil Renz, Chief Innovation Officer at AI EdgeLabs – a company that specializes in edge, IoT and OT cybersecurity solutions – to understand closely the security headwinds at the edge, and what, in his view, is the best way to enforce security in edge sites.

Although the edge has the same architectural blueprint as the cloud – the client-server design – Renz said, the complexity of edge environments is very unlike that of the cloud.

Inherently, data processed outside the safety lines of corporate firewalls is in greater danger of cyberattacks. More data stored in user devices rapidly expands the attack surface, putting those devices at an increased risk of attacks like distributed denial of service, also known as DDoS.

Adding to this problem is the physical location of edge sites, which makes edge environments, by default, harder to secure. Edge devices are deployed across vast geographical expanses, and these include areas with low or no internet connection or IT service. Often interconnected, the edge network offers a favorable surface for attackers to seize access and orchestrate attacks. The growing attacks on pipelines and power grids are proof of that. Factors like these cause virtual security risks at the edge to soar every day.

Renz highlighted that information security standards like PCI DSS and NIST put increased pressure on organizations to maintain a baseline for protecting public information.

Reports of breaches coming from other severely affected sectors like telecom and automotive further confirm the vulnerabilities of the edge ecosystem. It is a burning problem and a growing concern among organizations stepping into the edge world.

Screening out the Weak Points in Physical Security

The most suitable way to screen out threat vectors from edge networks is to get out in the field and do a thorough look-around. Site surveys and penetration tests provide a way to do that. Pen tests simulate real-world attack scenarios on systems to test their security resilience. Using the same tools and techniques as attackers, the tests probe systems, spotting the weak points and demonstrating their business impacts.

The reach of physical pen tests is deep and wide, and involves steps like mapping of the physical perimeter, lock picking, server room testing, dumpster diving, and spotting of interception and tailgating.

Sounds great, right? Except, there aren’t very many IT personnel at the points of presence to perform the tests, or smart hands available nearby to troubleshoot issues.

A problem compounding the risks is the general lack of information about edge security, Renz noted. To make sure that they are covered, enterprises need to solicit advice from specialists, and have a solution at the ready that can actively guard the network without a tech team present on the spot.

The Edge Needs Active Security

The edge will likely have a much wider appeal and adoption when that prevailing security is available to all. This is why AI EdgeLabs has created a cyber AI platform for active security.

An AI-based autonomous solution, the AI EdgeLabs platform is purpose-built for edge environments. Its key goals are primarily to protect the infrastructure perimeter and to accelerate the response of security teams. The solution works by doing active threat hunting, providing near real-time visibility end to end.

A core component of the platform is the AI EdgeLabs Sensor. These software-based sensors are monitoring agents that are deployed directly in edge nodes. The agents scan the topology and gather initial context of the environment. In the next steps, they crawl the ecosystem performing regular security checks, watching and analyzing the network behavior.

These sensors are powered by a set of pre-trained AI-based models that AI EdgeLabs keeps up-to-date with the latest threat information and attack signatures. The sensors check all inbound and outbound connections for abnormal states and malware, and report back findings in real-time. AI EdgeLabs’ centralized dashboard provides full visibility of the attack surface, with signals and alerts for abnormal behaviors, malware, ransomware and viruses, and recommendations for rapid troubleshooting.

AI EdgeLabs locates threats and dispatches response with 99% accuracy. The solution is extremely lightweight, with a footprint not exceeding 500 MB. It is flexibly scalable, going from tens of network nodes to thousands within a span of a day. Renz told Gestalt IT that more work is being put into expanding the scope of the platform’s incident response.

AI EdgeLabs supports two kinds of integrations – Kubernetes-based and Linux-native. AI EdgeLabs provides all interested parties a pre-purchase trial version to explore the basic out-of-the-box functionality of the platform.

Wrapping Up

Touted as the holy grail of real-time processing, the edge is poised to go big. But a myriad of remote and physical attacks is weakening its foundation, making decentralized computing a thing in the far future. As enterprises put one foot before the other making footprints in the brave new world of edge computing, they need to bring their A-game in security to mindfully circumvent the tinderbox. And for that, a solution like AI EdgeLabs is indispensable.

For more information on the solution, check out AI EdgeLabs’ website. For more stories like this, keep reading here at Gestalt IT.

About the author

Sulagna Saha

Sulagna Saha is a writer at Gestalt IT where she covers all the latest in enterprise IT. She has written widely on miscellaneous topics. On she writes about the hottest technologies in Cloud, AI, Security and sundry.

A writer by day and reader by night, Sulagna can be found busy with a book or browsing through a bookstore in her free time. She also likes cooking fancy things on leisurely weekends. Traveling and movies are other things high on her list of passions. Sulagna works out of the Gestalt IT office in Hudson, Ohio.
