Does the rise of edge computing mean a security nightmare?
What do we mean by edge computing? In a nutshell, with edge computing you are processing data near the edge of your network, where the data is being generated, instead of relying on the cloud – or, more specifically, a collection of data centres.
As a relatively new methodology, computing at the edge invites new security challenges as you are looking at new setups or new architecture. Some say that you have to rely on vendors to secure your environment when you start computing at the edge. Those that champion edge computing claim that computing at the edge is safer because data is not traveling over a network but others see edge computing as being less secure because, for example, IoT devices are easily hacked.
And there are many ways to think about edge computing including smartphones. After all, if you consider the security and privacy features of a smartphone where you are encrypting and storing some kind of biometric information on the phone then you effectively take away those security concerns from the cloud and place them ‘next’ to the user, on their phone.
With edge computing, you are effectively running your code on the edge. But running your code on the edge brings about specific security challenges because it’s not within your stack or within your security environment – even though it is running on the edge it may still sometimes require queries from the back end, from the application. This is the main security concern when running a serverless environment and, in general, when running code on the edge. Where IoT devices are concerned, you run some of the code on the device itself (your mobile device or your IoT device) and you need to secure this.