On September 24, at the Microsoft Ignite conference, cybersecurity was in the spotlight! The company announced the pre-launch of a new tool: Azure Data Box Edge. Dedicated to connected objects, Microsoft's tool is a mini Data Center focused on edge computing. What is the interest of this solution? Since the emergence of connected objects, the collection and processing of data in complete security are more central than ever. From Cloud computing, companies have moved to Edge computing. What does this change mean? What are the consequences in terms of cyber security?
Edge computing in the age of IoT
What is edge computing? In a nutshell, it's an open, distributed computing architecture. Data is not gathered and processed in a single location. It is processed at the edge of the network, hence the term "edge".
The goal is to process the data close to where it is produced. According to Cisco or Helder Antunes, it is impossible today to guarantee that the numerous and recent data will be sent and processed in a fast or stable way to data centers. However, in some industries, such as healthcare, telecommunications or finance, data must be processed quickly, even in real time.
IT architects therefore thought of a mesh network of micro Data Centers placed close to the connected objects, which would process the data as quickly as possible.
But how do you achieve infrastructure automation? Find out here!
What are the risks of edge computing
The growing creation of connected objects often comes at the expense of cybersecurity. This is for two reasons:
- First, connected objects do not have the same IT protocols as software. Thus, the configuration and update of IoT tools are either different or impossible.
- Secondly, IoT use cases are very diverse. There are as many connected objects as there are uses, from e-health to home automation, including security and industry.
There are two issues with cybersecurity breaches today : networked risks and physical integrity .
If a malicious hacker wants to destroy an entire structure, he only needs to go through the connected objects to reach the entire network if they are connected to the Data Center.
The second problem lies in the attack on the physical integrity of users. If an e-health tool is hacked, it represents a danger for its owner. Barika Pace, Research Director at Gartner, adds: "From now on, we will no longer only deal with threats in thedigital space, but withthreats that have serious physical consequences.
Since developers have little or no control over the update or management of connected objects, malfeasance is only visible after a while and can be unstoppable.
Interested in this topic? Read our article on the Cyber Resilience Act, a European regulation to ensure the cybersecurity of Edge Computing and IoT.
The first answers
To remedy the problem, there are several embryonic solutions:
The first answer would be to reinforce the security of connected objects. The problem then lies in our knowledge. According to Dave Palmer, CTO of Darktrace, "The moment you try to build a system thatresists an attacker who is goingafter thephysical integrity, you'll end updoingsomething that doesn't look likeedge computinganymorebecause the data will no longer live inedge computing, but in a data center. Security would indeed be enhanced, but all the work around edge computing would be cancelled.
The second option would be to implement high frequency visits or handling. This technique would require companies to deploy heavy resources and therefore, not sustainable in the long term.
The last option remains the most interesting: "security by design". The principle is simple: companies should not add a security layer to their connected objects, but integrate this variable from the creation of the object. Although the solution is as essential as it is obvious, many organizations are still struggling to adopt it.
Whatever their needs, at creation or post-marketing, companies have every interest in working with trusted service providers who will be able to manage the risks as long as the object lives. Beware of ready-made solutions that may be incomplete. It is more strategic to turn to a team that works for the long term and can deploy maintenance when needed.
To find out more about Cloud Computing, download our white paper and and discover the 27 points to understand the challenges of Cloud Computing.
