Edge computing sites are cropping up all over, driven in large part by Internet of Things (IoT) technology and digital transformation efforts that are generating enormous amounts of data that demands localized processing and storage. At the same time, the proliferation at the edge is creating a new challenge: how to effectively secure all these far-flung environments.
To manage edge computing sites, companies are increasingly instrumenting power and cooling systems, racks, UPSs, PDUs, and cabinets such that they can collect performance and operational data from them, typically via Internet connections. Doing so, however, creates a security challenge: all of those devices are now potential points of entry for cyber-attacks. Compounding the problem, the facility managers who oversee data center infrastructure previously haven’t had to worry about security and don’t necessarily have the expertise required to determine where vulnerabilities lie, nor should they be expected to.
Indeed, even seasoned security professionals struggle with the issue because they can’t get visibility into the data center infrastructure to determine what may be at risk of an attack.
That’s because acquiring device information means logging into each device individually or looking at data log files filled with data from network management cards (NMCs). It’s not feasible for a security professional to do either for hundreds or thousands of UPSs, PDUs, racks, cooling units, and other data center infrastructure — both in centralized data centers and geographically dispersed edge computing facilities. Even at 20 devices, the chore begins to get time-consuming and difficult.
Outlining IoT Security Risks for Edge Computing
But the risks are real. Just last month security researchers in the Microsoft Threat Intelligence Center announced they found attempts by “a known adversary” to compromise popular IoT devices across multiple customer locations.
“These devices became points of ingress from which the actor established a presence on the network and continued looking for further access. Once the actor had successfully established access to the network, a simple network scan to look for other insecure devices allowed them to discover and move across the network in search of higher-privileged accounts that would grant access to higher-value data,” Microsoft said. “These simple attacks taking advantage of weak device management are likely to expand as more IoT devices are deployed in corporate environments.”
A survey of 625 risk management and governance experts by Ponemon Institute illustrates the point. It found 26% of respondents in 2018 suffered an IoT-related data breach, up from 15% in 2017.
The issue arises at an inopportune time, as companies continue to build data centers, including edge data centers, to accommodate IoT, digital transformations, and other efforts that are driving the need for more compute power. In each one, they’re also connecting previously unconnected devices, only adding to the potential attack surface.
Clearly there’s a growing need for tools that make it easier to manage power and cooling network security from the data center to the edge, without requiring scarce security experts to do the heavy lifting. Companies need a way to quickly determine whether devices need firmware updates to get the latest security patches, or if they’re not configured properly, such as using the HTTP protocol instead of the secure HTTPS or Telnet vs. SSH. Some devices may be so old they don’t support secure communications protocols and simply need to be replaced.
EcoStruxure IT Expert Offers a New Device Security Vulnerability Assessment
Schneider Electric is working to fill the void with a new security assessment offering as part of its EcoStruxure IT Expert platform. IT Expert is a next-generation DCIM software leveraging cloud-based technologies to monitor data center infrastructure and collect data to drive applications, including preventive maintenance.
The new security monitoring feature enables customers to assess the status of infrastructure devices for all kinds of data center infrastructure — UPSs, PDUs, and in-row cooling systems. The assessment will alert you to configuration errors that can cause potential security vulnerabilities, if firmware is out of date, and whether devices are too old to support modern security best-practices and should be replaced. This assessment can uncover issues that may have previously been unknown. For example, David Radszuweit, CEO Linespotting AB, a pilot customer of the assessment shared, “Even if I know what I am doing and do it pretty well after 25 years, I found security issues on my devices that I didn’t think existed. It was a real eye opener.”
Start Your Free Trial
Complacency is no answer in the face of the very real security threats that IoT devices present. You need to take action to protect your data centers, and your company. Click here for your free trial of the EcoStruxure IT Expert monitoring software and its new assessment to start countering security threats now.
The post How to Prevent Edge Computing Security Risks in a Connected World appeared first on Schneider Electric Blog.