A new approach to data protection at the edge [Q&A]
Given the increase in both frequency and complexity of cyberattacks today, it's no surprise that security is coming to the forefront across industries.
While people often view cybersecurity as hackers trying to steal data, threats can impact more than just traditional data loss. With new technologies like edge computing emerging, we need to start thinking about protecting physical infrastructure in addition to data at the edge.
But is connecting devices at the edge even less secure in the first place? We spoke with Jason Andersen, VP of business line management for Stratus Technologies, to discuss the ways that edge computing has changed the threat landscape and how companies should start thinking about securing data differently at the edge.
BN: How has the evolution of modern edge computing technology changed the threat landscape and the way we approach security risk at the edge?
JA: There was a time not long ago where edge systems were only used for process automation. The purpose of the data was to alert operators to any issues that needed their attention. Today, however, the IIoT is becoming increasingly smarter and edge technology is getting more advanced, so it stands to reason that our methods of protecting data at the edge are changing as well. Modern edge systems are complex such that they are automating more processes and making real-time decisions, meaning that the data at the edge is critical when it comes to analysis.
Because of the importance of this data, there are inevitable concerns from business leaders about security at the edge, specifically with connected devices in these environments. My counsel to these leaders is that edge computing does not necessarily pose any more threats than other new technologies like IoT or AI. However, the security risks are different as with any emerging technology so we need to change our approach to data protection at the edge in order to keep up with these changes.
With the quick emergence of edge computing in industries from manufacturing to financial services and everything in between, it's key that business leaders think differently about protecting both physical infrastructure and data at the edge.
BN: How can companies change their mindset when it comes to protecting their data at the edge?
JA: Business leaders need to think about data protection at the edge as an essential element to their security strategy that is baked in at the outset, instead of added as an after-thought. First and foremost, companies need to expand upon their view of their data's integrity since that which is being protected at the edge is now a key business asset. System availability should still be top of mind, but compliance is now an equal priority as applications that process data at the edge need to be continuously available with no disruptions in the process. Companies should guarantee that data being used for real-time analytics has equal parts proper latency, connectivity and security.
BN: On the other side of the coin, are there are security benefits that come with deploying edge technology?
JA: Absolutely. Edge computing provides operational technology (OT) professionals across industries an ability to do real-time analysis on any security risks that arise. This reduces unplanned downtime, keeping business-critical apps and production cycles up and running. What's more, if you adopt OT security software in your edge computing environments, security and data protection is actually extremely high. This is because the technologies paired together create an additional layer of security by detecting threats at the outset given its proximity to critical data and applications.
BN: With security at the edge becoming a front-line issue, are users being too hasty in their plans to patrol the edge and get pilots off the ground?
JA: No, I don't think they are being too hasty. I do think that security at the edge is multifaceted and may need multiple approaches. What we would tend to see is an organization deploy one security measure (such as encrypting network links) and thinking they are all set. It's probably more than that.
BN: Aside from the security aspects, how else do you see edge computing technology evolving in the next year?
JA: I've been seeing a lot of talk in the industry about the capacity of edge computing devices getting smaller to offload workloads to the cloud. But I've actually seen the opposite and predict that 2019 will be the year that these devices will get more powerful with higher capacity capabilities. It's interesting because we're always seeing this need to make things smaller and simpler, but this trend is going to reverse over the next year. One example that comes to mind is edge gateway devices -- this technology is pretty simple now but, in order to use it for virtualization or containers which require more data, capacity will need to get larger.