Tech

4 Cybersecurity Best Practices for Edge Computing

Cases of cyber attacks on IT networks are intensifying worldwide. A series of recent ransomware attacks on US oil pipeline systems and the global meat supply chain results from these cyber breaches, even if the vulnerabilities in IT infrastructure and their breaches appear to be relatively harmless. It highlights both possible catastrophic effects. In the case of Colonial Pipeline hacking, the attack was reported to reach only the front-end business IT systems, not the IT and operational technology (OT) that actually controls the pipeline itself. However, the attack nevertheless shut down the entire pipeline for a period of time, creating a alarming gas shortage on much of the east coast of the United States. Long lines and panic buying have become the norm for days.

With this heightened threat, increasing adoption of IoT devices, integration of IT and OT networks, and the use of cloud-based management and analytics systems, cybersecurity has become an urgent concern for edge IT owners and operators. increase. Risk of cyber attacks It’s getting worse because of the increasing decentralization of IT. The trend in edge computing is to move endpoint devices at the edge of computing networks away from more secure, centralized data centers. This has dramatically increased the attack surface available to cybercriminals and hackers.

White paper 12, “Overview of Edge Computing Cybersecurity Best Practices” Here are four things to focus on and deal with consistently to dramatically reduce the risk of breach. The four practices are:

1. Device selection criteria

2. Secure network design

3. Device setup / configuration

4. Operation and maintenance

This blog gives a brief overview of these practices. The white paper provides details and examples, along with information on relevant cybersecurity standards.

1. Device selection criteria

The first best practice is to choose a network-enabled device that can be verified to have been developed by a vendor that follows a well-implemented and secure development lifecycle (SDL) process. Or, if you are talking about industrial control devices and systems, you should follow the IEC62443 standard. This standard is accepted worldwide to define security standards developed by industrial control professionals. The SDL process was first developed by Microsoft. A typical SDL consists of seven phases that cover everything from internal training to design, security protocol validation, and incident response planning. In this way, buy from vendors who can always show their commitment and focus on the security and privacy concerns of all the products, apps and services they offer.

2. Secure network design

In addition to choosing network devices developed and optimized for security and data privacy, of course, the network itself must be designed, implemented, and managed with security as its primary concern. Protecting access to edge IT sites begins with the basics of using a virtual private network (VPN) with encrypted tunnels, implementing a firewall, and using an access control system.

In addition to these tools, the network should be implemented using: “Defense in Depth” Network (DDN) design. The Defense in Depth Network (DDN) approach protects edge computing features and maintains the availability of those features and communication paths. Edge computing utilizes distributed networks, computing nodes, storage, and security control systems. Edge’s DDN strategy is to develop security zones with different defenses in each zone. White paper 12 Demonstrate a layered approach (using network segmentation) by implementing zones and security links between untrusted zones and trusted zones.

Another recommended practice related to network design is Intrusion Detection System (IDS) Appliances located at each edge computing site. They can detect potential malicious traffic that can potentially damage, disrupt service, and impact availability to the edge environment. [1].. This treatise also introduces a new concept called “”. Secure Access Server Edge (SASE), A combination of SD-WAN deployment and embedded security. It was specially designed for distributed IT and edge deployment.

3. Device setup / configuration

Before using an embedded device or software-based system in an edge application, perform appropriate analysis to determine how the device / system communicates and the customer is involved. This includes using and applying vendor enhancement guides, performing port scans, and ensuring that all patches and firmware updates have been applied.

4. Operation and maintenance

The fourth best practice category described in this white paper is operations and maintenance. This section begins by describing the global standards that exist to provide up-to-date guidance on best operational practices. Certain applications may have their own specific tactical practices for ensuring security, but there are specific practices that apply to all edge computing applications. These include patch management, vulnerability management and penetration testing. This white paper details each of these.

And finally, outside the scope of White Paper 12, it’s also important to consider physical security as part of your overall cybersecurity strategy.one 2021 Cyber ​​Security Trend Report He said 63% of successful attacks came from internal sources, either from control, errors, or fraud. This highlights the need for physical security measures to control who has access to IT and network equipment. We recommend that you lock your IT cabinet and security camera (backed up by a UPS), as edge computing sites are often unstaffed and often operated in a “light out” fashion.

In conclusion, today’s portfolio of hybrid IT and edge computing sites and assets is highly diversified, making it more difficult to protect everything from cybercriminals. By following the above best practices, you can dramatically reduce the risk of a successful cyberattack.read White Paper 12, “Overview of Edge Computing Cybersecurity Best Practices” You can know in detail.

Copyright © 2021 IDG Communications, Inc.

4 Cybersecurity Best Practices for Edge Computing

Source link 4 Cybersecurity Best Practices for Edge Computing

Show More

Related Articles

Back to top button