Intelligent CIO North America Issue 8 - Page 84

FINAL WORD
an additional potential attack vector. Something as simple as a Wi-Fi-connected web camera, if compromised, can become an entry point into the entire corporate network.
One approach that organizations can take is to segment the corporate network. In this way, traffic from Edge devices remains separated from other traffic, limiting the chance that an attacker can move between systems.
Creating a separate network for Edge devices ensures that their performance is not detrimentally affected when user activity is high. This segmentation helps to maintain reliability and reduces the chances of bottlenecks.
The role of the decoy
Another technique growing in popularity is the deployment of decoy Edge Computing devices. These decoys mimic legitimate devices and their purpose is to attract the attention of cybercriminals attempting to break into the infrastructure.
As there is no reason for authorized users to access the decoys, any traffic to them should be deemed suspicious and treated as such. The organization can then divert the potential attacker from any functional Edge devices, reducing the adversary’s chance to access them for malicious purposes.
IoT devices and other sensors typically send data to the Edge of the network for analysis before sending it on to the data center or cloud. The Edge handles all the local processing.
An organization can deploy decoy IoT devices or sensors that run the same protocols as the production devices but are not production systems. These decoys mimic the actual devices but don’t generate any data.
Additionally, the organization can create decoy analysis nodes at its Edge that run the same applications and connect to the decoy IoT devices or sensors, but again are not part of the production environment.
These two use cases allow the organization to detect any activity that touches either the IoT devices and sensors (indicating malicious activity on the subnet) or interfaces with the analysis nodes (indicating an attack targeting the Edge Computing segment).
As the number of Edge devices in use climbs, it also makes sense to undertake regular checks and audits. Any security strategy will not be effective unless a clear picture exists of exactly what components are in place and how the organization is using them.
On-going monitoring of all Edge-related network traffic should complement the audits. If the monitoring capability detects any suspicious or unusual traffic, the organization must isolate the device before the attackers can do any damage.
A zero-trust approach
Another security strategy gaining traction within many organizations involves the concept of zero trust. By putting a zero-trust architecture in place, organizations can identify users and their devices before allowing them to connect to applications and databases.
Furthermore, applying zero trust principles to application, data and network traffic (transport or session) further increases the security posture.
Extending this concept to the Edge can significantly strengthen security. If the organization must identify all Edge devices before allowing a connection to the infrastructure, it reduces the likelihood of rogue devices or cybercriminals gaining access to the environment.
An organization adopting a zero-trust architecture can prevent an attacker from accessing Edge devices or analysis nodes if they attempt to connect from an untrusted node, use an untrusted application or access data without clearing zero-trust requirements.
Even if the attacker compromises a legitimate user account and uses a cleared device, the zero-trust controls will not allow the uncleared application access to the data or the network segment.
When adopting Edge Computing, it is essential to take a multi-layered approach to security. This approach involves a mix of decoys, network segmentation and zero trust techniques.
By following this path, organizations can enjoy the benefits while maintaining effective security.
Vlado Vajdic, Solutions Engineer, Attivo Networks
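The decoy detection rule described in this article, as an added example that is not from the article or from Attivo Networks: any flow from a non-decoy source to a decoy raises an alert, labeled by which kind of decoy was touched. The addresses, the flow-log format and the function names are assumptions constructed for illustration.

```python
import ipaddress

# Constructed decoy inventory; every address here is an assumption.
DECOY_SENSORS = {"10.20.0.50", "10.20.0.51"}  # decoy IoT devices / sensors
DECOY_ANALYSIS = {"10.20.1.10"}               # decoy Edge analysis nodes
DECOYS = DECOY_SENSORS | DECOY_ANALYSIS

# Constructed flow log (assumed format): time src dst dport
SAMPLE_FLOWS = """\
2024-05-01T10:00:01Z 10.20.0.17 10.20.1.5 8883
2024-05-01T10:00:04Z 10.20.1.10 10.20.0.50 1883
2024-05-01T10:02:11Z 10.20.0.23 10.20.0.50 1883
2024-05-01T10:02:12Z 10.20.0.23 10.20.0.51 1883
2024-05-01T10:05:40Z 10.30.4.9 10.20.1.10 22
malformed line
"""

def parse_flows(text):
    """Yield (time, src, dst, dport); skip records that do not parse."""
    for line in text.splitlines():
        try:
            ts, src, dst, dport = line.split()
            src = str(ipaddress.ip_address(src))
            dst = str(ipaddress.ip_address(dst))
            yield ts, src, dst, int(dport)
        except ValueError:
            continue

def detect(text):
    """Return one alert per flow from a non-decoy source to a decoy."""
    alerts = []
    for ts, src, dst, dport in parse_flows(text):
        # Decoy-to-decoy flows are expected: decoy nodes connect to decoy sensors.
        if dst not in DECOYS or src in DECOYS:
            continue
        if dst in DECOY_SENSORS:
            meaning = "malicious activity on the subnet"
        else:
            meaning = "attack targeting the Edge Computing segment"
        alerts.append(dict(time=ts, src=src, decoy=dst, port=dport, meaning=meaning))
    return alerts

def sources_to_isolate(alerts):
    """Sources that touched any decoy: candidates for isolation."""
    return sorted({a["src"] for a in alerts})

if __name__ == "__main__":
    for alert in detect(SAMPLE_FLOWS):
        print(alert)
```

Because the rule keys only on the destination being a decoy, it needs no signatures or baselining; the inventory of decoy addresses is the entire detection content.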