While many of today’s always-connected tech devices take advantage of cloud computing, IoT (Internet of Things) manufacturers and app developers are starting to discover the benefits of performing more computational analytics on the devices themselves. This approach reduces latency for critical applications, lowers dependence on the cloud, and better manages the deluge of data being generated by the IoT.
The number of devices connected to the Internet, including the machines, sensors, and cameras that make up the IoT, continues to grow without flagging. A new forecast from IDC estimates that there will be 41.6 billion connected IoT devices, or "things," generating 79.4 zettabytes (ZB) of data by 2025.
As this volume booms, the amount of data generated by these devices will also continue to grow. Protecting the Edge - the source of the data - will become more of a challenge to enterprises. IoT adoption is growing and the aim for organizations is to put more intelligence on the Edge via smarter, more capable devices. This extends the traditional enterprise IT infrastructure beyond a data center or cloud environment. Today’s trucks, containers, kiosks, warehouses, and commercial buildings are creating an ecosystem of Edge devices that not only collect and disseminates data but also perform highly complex tasks such as Artificial Intelligence (AI) at the outer reaches of the network.
Given the sheer number of Edge devices across the globe, the risk of a data breach multiplies for enterprises. Last year, there were 1,244 data breaches, exposing 446.5 million records. These come at a high price. Ponemon Institute estimates the average cost of a data breach to exceed $3.5 million. Losses of this magnitude cannot be considered a normal cost of doing business, so enterprises need to take measures to protect themselves.
Edge computing and IoT: A balancing act?
At its most basic, the purpose of Edge computing is to better cope with the vast amounts of data generated by IoT sensors and devices. For many applications, this means analyzing and acting on data at the edge of the network, closer to data sources, rather than transported to a remote, centralized data center for processing. Much of the time an IoT device is responsible for this processing actuation.
Adding data-generating devices to the network in increasingly remote locations can lead to additional cybersecurity vulnerabilities, providing hackers with an easy entry point into the network that can be exploited to access the core systems that the Edge devices connect to.
In short, the concept of the network perimeter is vanishing. Instead of securing the perimeter, the enterprise must secure each device.
Public Key Infrastructure as a proactive solution
Reducing the risk of data breaches that exploit IoT networks requires a thorough data protection and device security solution. A flaw in the security of any device on the network exposes the entire network. Edge node security becomes paramount to prevent any access point being exploited, including proactive rather than reactive cyber-defense.
As attack vectors are rarely consistent or predictable, IoT protection must continually innovate. Baseline defense mechanisms include authentication and verification of devices in the network. Static credentials with strong passwords no longer provide the level of protection required to protection from operational disruption or data loss.
Traditional security applications like antivirus and firewalls do not work with these devices that are out beyond the enterprise’s network. Rather, powerful, cohesive encryption algorithms and certificate-based authentication are a must. The Public Key Infrastructure (PKI) framework can provide them. PKI can provide the encryption to protect data in motion across the networks an ensure that all participating devices—as well as the services they connect to—are authentic.
Edge computing and IoT are new architectures that require new security approaches. The old concept of a relatively safe zone inside the firewall does not apply here. Rather, the devices and processors living at the Edge must each be hardened against attack. Robust identity verification and encrypted data transmission are two critical components of this approach.