Proteus Duxbury, transformation expert at PA Consulting, discusses edge computing security risks and benefits.
According to experts, edge computing introduces several new security risks.
Proteus explained that one of the most prominent concerns is the physical security of the devices, which are more vulnerable to malicious attacks and mishaps of all kinds than typical office equipment and technology safely held within corporate walls.
He adds: "In a highly distributed model, there's a physical security and integrity threat, because there's no guarantee [someone] might not monkey with your device. So, the physical security of handsets, edge devices and micro data centers needs to be examined."
He noted that micro data centers, such as those being deployed by telecommunication companies -- in some cases, at the base of cell towers -- introduce a level of physical vulnerability that didn't exist with corporate data centers and large cloud providers.
Meanwhile, many organizations will be challenged to understand, track and monitor what data they have and where, what protections are required at the various points based on the data and vulnerabilities specific to each endpoint and how to govern what could soon be a sprawling infrastructure at many companies.
Proteus adds: "You're introducing more vulnerability into the system when you're keeping data on the edge. But it's not because it's a new threat, but more the volume of what we're now doing on the edge.”
Although edge computing comes with new challenges, experts said it also offers some security-related benefits.
Proteus continues: "In some ways, it's more resilient, because instead of one or two or even three data centers, where if they're close enough together that, say, a big storm could impact them all, you have distributed data and compute on the edge, which makes it much more resilient to malicious and nonmalicious events. This allows us to be resilient with data and processing. And there's less data going out to a centralized location and through communication lines, whether it's fiber-optic or telephone cables. So, there's probably less risk, because the data isn't leaving the edge and going across the internet."
Meanwhile, IoT device vendors have been adding more edge computing security elements to their products after being criticized in recent years for not doing enough on that front. California's 2018 IoT security law, which, starting in 2020, requires manufacturers of connected devices to include security features designed to prevent unauthorized access, modification and information disclosure, has helped push the issue further to the forefront.
Explore how to keep the Internet of Things secure