Edge Computing: The Security Imperative

Edge computing is gaining traction quickly – with some analysts deeming it the next great revolution in technology. Some of the industry’s biggest players are making significant investments in edge computing to help their customers implement digital transformation initiatives. In fact, IDC has predicted that the worldwide edge computing market will grow to $250.6 billion by 2024.

Additionally, a Fortinet and Cyber Security Insiders 2021 Cloud Security Report surveying more than 500 cybersecurity professionals found that 70% of organizations are pursuing a hybrid or multi-cloud strategies for the integration of multiple services, scalability or business continuity reasons. This new technology paradigm brings a number of benefits, but it also requires a new approach to security given how distributed users and data are today.

Benefits of edge computing 

Edge computing is growing because of the many advantages it offers companies. The idea behind edge-based compute is that to get the most accurate information in the quickest way, you need to move the data and storage as close to the compute as possible – on the edge where the data is actually being processed. Indeed, moving forward, 75% of enterprise-generated data will be created and processed outside of a traditional centralized data center or cloud, according to Gartner. 

Edge computing enables organizations to scale their IT infrastructure and increase compute capability more quickly and at a lower cost. This then enables greater data collection and analysis possibilities, including the collection of actionable IoT data to make improvements quickly to better serve customers. Edge computing also opens the door to new markets without a corresponding expenditure for infrastructure, as well as the ability to quickly shift between markets as needed.

By bringing computation and data storage closer to the location where it is needed, edge computing improves response times and saves bandwidth. But this requires high performance , low latency 5G networks. This low latency is especially important when it comes to IoT devices; it further empowers these devices to live up to their fullest potential, thus supporting the accelerated data-driven decision making for better outcomes and experiences. 

The challenge of securing an edge computing world

Edge computing means additional complexity and confirms the emergence of hybrid networks as the operating norm. When endpoints multiply, the threat landscape expands accordingly. Security teams need to be in communication with operations and networking teams in order to be able to make edge-based computing work securely. Many times, edge-based compute gets deployed, but the security implications are overlooked.

Security teams also need to ask themselves whether they have a security architecture that can support visibility across this type of distributed ecosystem. They need to know whether they can actually implement zero-trust principles – the ability to ensure that only the right people and the right things have access to the right applications at the right time, across the LAN, WAN and cloud edges.

Robust security needs to be provided across the distributed network, combined with low latency and high performance – especially with the deployment of 5G networks. Security and network operations can no longer be operated as separate silos. Edge-based computing’s requirement for high performance, secure networking requires a convergence of security and networking. This requires integration of security from the outset.

Best practices for securing edge computing

You’ve made the decision to adopt edge computing, and your operations/networking teams are in discussion with your security teams. What’s the next step? Where do you get started? Here are five key best practices to focus in understanding your current state, considering your organization’s desired state and how you will get to your desired state.

1. Understand the current state: Think through these questions: What data do I have? How critical is that data? Where does it reside? How are we handling data classification?
2. Begin to get your edge security in order: Ensure basic cyber hygiene policies and practices are being implemented and aligned with your overall security strategy.
3. Zero-Trust: Speaking of strategy, you should develop plans to implement a Zero Trust-based approach for securing your edge compute nodes. How will you ensure a least privileged based approach to access control and continuously monitor and assess risk?
4. Vulnerability management: This is going to be key as many edge-based computing devices are being brought to market with limited security forethought. How will you ensure proper configuration and patching of new devices? Look for vendors who offer broad, integrated and automated visibility and control.
5. Define and continually measure against your outcome and experience goals: Afterall, the object of the exercise is continually improving decision-making for better outcomes and experience. Also, tie security and network performance metrics to these key performance indicators. 

Start with security

Edge computing’s massive benefits are leading more and more organizations to adopt this technology model. However, security sometimes gets lost in the midst of “shiny object syndrome,” where people’s good sense is overpowered by the excitement of a new technology. But since this model expands the attack surface dramatically, security must come first. Use these best practices to ensure your edge deployment remains secure.

Discover the full set of trends and insights revealed in the 2021 Cloud Security Report here.

Find out how the Fortinet Security Fabric delivers broad, integrated, and automated protection across an organization’s entire digital attack surface from IoT to the edge, network core and to multi-clouds.