Edge Computing for IoT Will Change Everything — Including Security Concerns
By Bill Dykas
May 12, 2022
By Bill Dykas
May 12, 2022
Internet of Things (IoT) networks operate from a few to thousands of devices. Scaled systems must transmit a massive amount of raw data. IoT traffic can increase latency, crowd bandwidth and compromise security when vectored unprocessed to a cloud server or from a central database to a device network.
Edge computing creates a processing perimeter at the network edge where logic and analysis can be performed in real time before data is exchanged with core systems. Research firm IDC defines edge computing as a “mesh network of micro data centers that process or store critical data locally and push all received data to a central data center or cloud storage repository, in a footprint of less than 100 square feet.” Edge processing reduces traffic sent to and from devices. It can significantly reduce data exchange times in critical applications, such as condition-based monitoring or manufacturing. Edge computing can also increase the security of a local network. However, it is subject to security vulnerabilities, most related to remote access and management issues.
All these issues are known, but as IoT devices increase in popularity, it becomes even more critical for organizations to pay attention to them. Read on to learn more about cybersecurity trends and how you can solve IoT edge security challenges.
Here’s a closer look at the current trends driving greater IoT security measures.
A recent executive order encourages organizations to adopt zero trust to improve cybersecurity. The National Institute of Standards and Technology defines the principles of this concept as follows:
Even more devices will become available, and smart devices will process most data in the years ahead. Smart infrastructure investments are rising for business use and personal use. More devices create more risk, which sharpens the focus and the need for new approaches to cybersecurity.
According to Allied Market Research, the AI edge computing market was valued at $9,096.00 million in 2020. It is projected to reach $59,633.0 million by 2030, registering a CAGR of 21.2%. Now, more companies are integrating automation and intelligence into their organizations.
In the Cost of a Data Breach Report 2021, IBM stated that data breach costs rose from USD 3.86 million to USD 4.24 million. This increase is the highest average total cost in the 17-year history of their report. These costs are on the rise, and organizations need to be prepared to address the problems that lead to those costs.
The volume of threats is increasing and costing organizations time and money. It’s becoming more evident that waiting for an attack to happen isn’t in anyone’s best interest. We must be proactive to prevent attacks before they happen and minimize the impact of any potential breaches.
The move to the cloud was already happening, but the pandemic pushed us further into relying on cloud services. The advantages of edge computing became hard to ignore, even for those previously resistant to it. Digitalization and work from home have made cloud and edge computing impact everyone.
Most organizations don’t have the technology and practices to remain secure during this shift. Enterprises must look at how they can consider security from the start of any initiative. You can read more about starting with security in mind in this post: How Native Security Impacts IoT Device Manufacturing.
Edge computing solves several data traffic issues in IoT networking. However, it can also present new vulnerabilities, resulting in a larger overall attack surface (i.e., the sum of a system’s access points a potential attacker can leverage). The state of existing platforms makes networks more vulnerable at the edge and the user endpoint. Many attacks can occur, for example, because end-users do not, or cannot, change default passwords. Without this ability, bad actors can gain access to the devices and expose edge devices to attack.
Unsecured internet resources can be found and accessed easily. (There is even a search engine, launched in 2013, for finding unsecured IoT devices worldwide.) In a 2017 “botnet barrage,” bots were deployed to search for devices running default passwords on a university campus. Five thousand IoT devices were attacked by 5,000 discrete systems trying to break through weak or default passwords.
While the vulnerability in attacks like these lies at the endpoint, edge computing complicates things by introducing potential new attack surfaces. IoT devices that connect to the public internet compromise security protocols at the edge. This is partly due to the current state of edge computing, in which full-stack solutions that include sensors, software and secure elements are rare. Many methods used to secure IoT networks at the edge can be insufficient. LPWAN protocols can become vulnerable if encryption keys are compromised. VPNs are subject to man-in-the-middle attacks.
The IoT is distributed and fragmented with a vast attack surface. A lack of physical security creates severe security risks for your entire IoT ecosystem. That’s because the distributed nature of edge computing also opens a new, unwelcome frontier of physical threats. The servers and devices that power traditional networks are usually housed in dedicated, often highly secure facilities. Still, the same tiny data centers that make edge processing such a huge leap forward can also be a security nightmare.
Instead of living in data centers, these micro-center devices are often deployed in the field. When discussing IoT edge, the field can be a corporate office, a farm and anything in between. An attacker physically tampering with an edge device can bring down a network or even harm one of its operators. A physical hack at any point in the system may act as the start to deep infiltration of a system. Subsequent hacks can be applied remotely, impacting thousands of devices.
Securing these devices is far from trivial. While hardening them against physical attacks is necessary, it’s also a trade-off between security, cost and the ease of upgrading and servicing edge data centers. Device makers must be aware of the risks and ensure devices can be easily secured to generate remote and local alarms on any sign of tampering.
The largest threat to IoT edge networks comes from installers, operators and other human actors who aren’t familiar with IoT cybersecurity’s rapidly shifting landscape. Human error is a chief cause of cybersecurity breaches. Many organizations are working on ways to reduce this risk.
IoT devices outside corporate and industrial sites are often looked upon as toys rather than serious security risks. They can be compromised if attackers have physical access to them. Devices must be secured physically and with strong passwords. They must also be updated regularly, procedures that many ordinary users may not regularly follow.
Despite increased vulnerability potential, edge processing can be a safe way to manage IoT data traffic if devices are secure and proper authentication systems are in place. The Institute of Electrical and Electronics Engineers (IEEE) recommends using edge computing for greater security. Edge software can verify the identity of IoT devices and prevent malicious devices from accessing the core network.
If you want to take advantage of IoT device and edge benefits, you need to know how to keep your data secure. Some best practices for ensuring security at the edge of the network include:
This mechanism protects sensitive data at rest and in transit. The encryption key is known only to the sender and receiver and cannot be read by third parties. This security method is essential for IoT devices because network breaches are a matter of when not if. IoT leaves organizations more vulnerable because it increases the number of endpoints that exist.
Technology is constantly evolving. You can’t predict every change, but you can do your best to prepare for it. Think about how you will use your IoT devices in the future and if there will be compatibility issues that could compromise security.
IoT devices with a simple or common password act as an open door for hackers. As IoT moves into everywhere we are (e.g., the home and workplace), all options extra security layers should be implemented. Passwords should be complex and unique for each device. Encryption keys should be stored in a hardware token device that is not connected to the internet. If a biometric authentication system makes sense for your application, then including it will further secure data.
Devices connected to the edge should not run unnecessary services. Connections to the public internet should be minimized or eliminated where possible. Protected communication channels must be established between devices. All devices should communicate securely with their environment. IoT devices should only send data relevant to their intended purpose. Devices should not be able to interact with other devices in any way.
Most organizations should turn to partners with the expertise to provide a monolithic rather than a “bolted-together” solution for an edge buildout. Beyond suitable devices and software analysis tools, edge computing solutions require physical security and controlled physical environments. Organizations that partner with experts can better overcome the complex security challenges and reap the benefits of streamlined edge processing.
As a worldwide leader in IoT solutions, Telit makes it easy for your enterprise to evolve and make the most of current technology. Telit OneEdge™, our secure software stack, empowers you to plug and play into the IoT edge. It’s comprised of hardware and software to deliver native end-to-end security and ease of deployment. We offer Entry, Pro and Ultimate plans that enable you to scale and experience IoT edge success. Telit OneEdge Solo is a private instance option that empowers you with additional security and complete control over your IoT service.
In addition to centralized device management and edge logic, OneEdge offers:
Discover how Telit OneEdge can protect your IoT ecosystem. Speak to a Telit IoT expert and request an evaluation kit today.
Editor’s Note: This blog was originally published on 6 January 2020 and has since been updated.