View all topics
Back to CompTIA

Closing the Security Gaps at the Edge

  • 7 mths ago

More than 18 months into the COVID-19 pandemic and the new normal of the workplace, organizations continue to figure out how to best approach cybersecurity. And they are struggling. A new study from Lynx Software Technologies found most American executives believe their company has serious security gaps, and that remote work made the situation worse.

“Now more than ever, it is incredibly important that employees feel like they can trust the security of their corporate networks,” Arun Subbarao, vice president of engineering and technology at Lynx Software Technologies, said in a formal statement. “Remote and hybrid work models are here to stay, and organizations need to ensure not only that their corporate network infrastructure is secure, but also verify that every endpoint—from printers at HQ, to laptops and tablets in each employee’s home—are protected, as well.”

A little more than half of the survey’s respondents think that edge computing would improve security in their organizations. But no cybersecurity system is 100% incident-proof, and anyone who is turning to edge computing for better security has to remember that there are security gaps on the edge, too.

New Edge Security Concerns Open New Gaps

As technology has evolved, so have the risks that need to be addressed. Back in the days when systems were connected inside an organization and there were no outside connections to worry about, threats literally came from inside the building. More often than not, disgruntled employees presented the biggest risk to the company, and the security gap was identifying the employee before damage could be done. “With a network connection from that enterprise to external services (public clouds), there is a potential access point for anyone on the planet to attack that system,” said Ian Ferguson, VP of marketing, Lynx Software Technologies, in an interview.

IoT devices are a prime target for edge security threats. Gaps are most likely to be found in data protection since there are no physical or centralized security systems around data on the edge. Also, devices designed for edge computing aren’t built with a security-first (or second, or third) mindset. Authentication methods are lax—many users never change the default passwords from the setup process—operating systems are often out-of-date and applying patches and updates to firmware often is ignored because there is no simple way to alert users that it needs to be done. In the new normal of the hybrid workplace, there are more unknown devices than ever connecting to the network. Finally, when a threat hits an edge device, time is of the essence even more than in more traditional network systems.

“At the edge, seconds matter, meaning that cybersecurity tools must be automated to deal with threats in real-time to prevent serious damage,” Matt Hathaway, vice president, product marketing at Imperva, told Security Boulevard earlier this year. “You have milliseconds to handle data traffic in order to mitigate the threat.”

Any organization without a plan to handle threats on edge computing devices has huge gaps in their overall security system and in, therefore, at a greater risk for being hacked.

Continue reading:

Reply Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
Like1 Follow
  • 7 mths agoLast active
  • 3Views
  • 1 Following
Powered by Forumbee


View all topics