IoT Security is Living on the Edge

2 weeks ago
Eric Vanderburg

As the size of the Internet of Things (IoT) continues to grow, so too do the potential security risks for enterprise IoT as attackers target it.  Gartner estimates 8.4 billion IoT devices will be in service this year and that by 2020, we will have 26 billion IoT devices connected.  These devices generate an enormous amount of data that must be processed and secured.  Existing cloud systems are ill-equipped to handle such data due to the latency involved in transmitting data to and from centralized cloud compute environments.  The solution lies in building more intelligence into the edge.

Iot Security at the Edge

Edge computing pushes the processing to devices that are close to the IoT devices to avoid this latency.  This results in higher operational efficiency, and it is also being leveraged to provide robust security protections and analytics.

IoT threats can evolve rapidly, and they require an equally rapid response to prevent or minimize damages and to protect critical organizational assets and systems.  Security at the edge provides this rapid response successfully.  Edge security streamlines the flow of traffic between the edge and IoT devices, making it possible to conduct real-time security analysis, filtering, and processing of security data.

Another advantage of edge security is a reduction in the network attack surface.  Traffic to and from the edge and IoT traverses fewer hops, sometimes directly from devices to a gateway edge processing device, and this reduces the potential opportunities for data manipulation or unauthorized access.  Furthermore, since a large portion of processing occurs at the edge, data communications between edge and cloud devices need send only what data is required for cloud processing or decision making.

Implementation

As with many security paradigms, effective implementation is the key to the successful operation and realization of security ROI.  Enterprises need to manage many different types of devices from different vendors.  These vendors may have different update schedules, integration requirements, and support for security features, which can make managing vulnerabilities, enforcing security standards, and maintaining compliance quite a challenge.  One solution is to use an edge gateway to interface directly with the IoT devices.  This gateway is a barrier between IoT and the rest of the network.  It enforces security policy, collects data, and performs the edge processing at a point near to the IoT devices.

Next, data from multiple types of IoT devices must be combined to provide a holistic operational view.  This requires a level of standardization and normalization of the data and data types.  This should be combined with baselining.  IoT devices are designed to perform specific tasks, and so their normal operating behavior will generally fit certain predictable patterns.  These patterns should be captured in a baseline that can be used to identify anomalous behavior that indicates an attack.

While much of the processing and immediate decision making takes place at the edge, edge systems do not operate in isolation.  Edge security for IoT functions in combination with cloud systems, especially at the operational and strategic levels.  Data sent to centralized cloud systems can be combined, summarized, deduplicated, and encrypted so that technology and security resources are most effectively used without significant impact to operational efficiency.  It is important to note that not all data needs to be sent to the cloud.  Only meaningful data must be transmitted.  This often includes metadata or data derived from the analysis, not the raw data.

Lastly, it is crucial to select hardware that can survive close to IoT devices.  This may not be much of an issue in an office setting, but it is a far different situation on a factory floor where debris and grime can interfere with sensitive electronics or in environments where large temperature fluctuations or other environmental conditions are common.  A standard rack server won’t do.  IoT edge devices must be ruggedized to endure in these surroundings.

The sheer size of today’s Internet of Things is shifting the security focus to edge computing.  It is clear that more security is needed on the edge, where devices like industrial sensors reside.  However, implementing this security requires selecting the right technology mix and configuration.  The power to harness IoT securely rests in the frameworks we deploy today and today, IoT security is living on the edge.

This post was sponsored by Dell, but the opinions are my own and don’t necessarily represent Dell Technologies’ positions or strategies.