Protecting edge data in the era of decentralization – CXOToday.com

Cyberattacks can exacerbate existing security issues and expose new gaps atthe edge, presenting a series of challenges for IT and security staff. Infrastructure must withstand the vulnerabilities that come with the massive proliferation of devices generating, capturing and consuming data outside the traditional data center. The need for a holistic cyber resiliency strategy has never been greater not only for protecting data at the edge, but for consolidating protection from all endpoints of a business to centralized datacenters and public clouds.

But before we get into the benefits of a holistic framework for cyber resiliency, it may help to get a better understanding of whythe edgeis often susceptible to cyberattacks, and how adhering to some tried-and-true security best practices can help tighten up edge defenses.

The impact of human error

Human error can be the difference between an unsuccessful attack and one that causes application downtime, data loss or financial loss. More than half of new enterprise IT infrastructure will be at the edge by 2023, according toIDC.

With so much data coming and going from the endpoints of an organization, the role humans play in ensuring its safety is magnified.

Perhaps the biggest challenge is thatedge environmentsare typically not staffed with IT administrators, so there is lack of oversight to both the systems deployed at the edge as well as the people who use them.

While capitalizing on data created at the edge is critical for growth in todays digital economy, how can we overcome the challenge of securing an expanding attack surface with cyber threats becoming more sophisticated and invasive than ever?

A multi-layered approach

It may feel like there are no simple answers, but organizations may start by addressing three fundamental key elements for security and data protection: Confidentiality, Integrity and Availability (CIA).

In addition to adopting CIA principles, organizations should consider applying a multi-layered approach for protecting and securing infrastructure and data at the edge. This typically falls into three categories: the physical layer, the operational layer and the application layer.

Physical layer

At the edge, servers and other IT infrastructure are likely to be housed beside an assembly line, in the stockroom of a retail store, or even in the base of a streetlight. This makes data on the edge much more vulnerable, calling for hardened solutions to help ensure the physical security of edge application infrastructure.

Best practices to consider for physical security at the edge include:

Operational layer

Edge environments tend to lag in specific security software and necessary updates, including data protection. The vast number of devices being deployed and lack of visibility into the devices makes it difficult to secure endpoints vs. a centralized data center.

Best practices to consider for securingIT infrastructureat the edge include:

Application layer

Once you get to the application layer, data protection looks a lot like traditional data center security. However, the high amount of data transfer combined with the large number of endpoints inherent in edge computing opens points of attack as data travels between the edge, the core data center and to the cloud and back.

Best practices to consider for application security at the edge include:

Recovering from the inevitable

While CIA and taking a layered approach to edge protection can greatly mitigate risk, successful cyberattacks are inevitable. Organizations need assurance that they can quickly recover data and systems after a cyberattack. Recovery is a critical step in resuming normal business operations.

By vaulting data on the edge to a regional data center or to the cloud through an automated, air-gapped solution, organizations can ensure its immutability for data trust. Once in the vault, it can be analyzed for proactive detection of any cyber risk for protected data. Avoiding data loss and minimizing costly downtime with analytics and remediation tools in the vault can help ensure data integrity and accelerate recovery.

Backup-as-a-service

Organizations can address edge data protection and cybersecurity challenges head-on by deploying and managing holistic modern data protection solutions on-premises, at the edge and in the cloud or by leveraging Backup as-a-Service (BaaS) solutions. Through BaaS, businesses large and small can leverage the flexibility and economies of scale of cloud-based backup and long-term retention to protect critical data at the edge which can be especially important in remote work scenarios.

As part of a larger zero trust or other security strategy, organizations should consider a holistic approach that includes cyber security standards, guidelines, people, business processes and technology solutions and services to achieve cyber resilience.

The threat of cyberattacks and the importance of maintaining the confidentiality, integrity and availability of data require an innovative resiliency strategy to protect vital data and systems whether at the edge, core or across multi-cloud.

(The author is Ripu Bajwa, Director and General Manager, Data Protection Solutions, Dell Technologies India, and the views expressed in this article are his own)

Excerpt from:

Protecting edge data in the era of decentralization - CXOToday.com

Related Posts

Comments are closed.