Cloud

How Securing the Tactical Edge Can Help Operators in the Field

Security is a consideration that cannot be overlooked when deploying edge computing solutions.

George Kamis is CTO for the global governments and critical infrastructure business at Forcepoint. He works closely with information assurance industry leaders and government executives to help guide long-term technology strategy and keep it aligned with federal and industry requirements.

The Internet of Things has transformed the tactical edge. Just as a seemingly endless list of consumer technologies, from thermostats to light bulbs, have been equipped with sensors and connected to the internet, so have many military technologies, from drones to wearable devices.

At the same time, the federal government mandated a “cloud-first” strategy in 2017, only recently evolving it to “cloud-smart” instead. For most, “the cloud” has referred to a centralized public cloud.

An emphasis on centralized cloud computing and an explosion of distributed devices have combined to create a substantial stream of data that is collected by war fighters in the field, sent to a stateside cloud for processing, then pushed back to the edge. For the military especially, this can be both inefficient and dangerous. A seemingly small delay in processing can have a huge impact on the battlefield.

Enter edge computing. In the simplest terms, edge computing means that computing takes place at or near the actual data source — on the mobile, distributed devices proliferating at the edge. Edge computing offers low-latency data processing and real-time insights —benefits that will increase in importance as the number of edge devices continues to balloon. Security, though, is another consideration that cannot be overlooked; organizations must ensure their architecture can sufficiently support the tactical edge.

Agencies Gain Access to Unified, Cloud-Native Services

Edge computing inverts network and security service design patterns, shifting the focus to the secure interaction of users and data wherever they are — more often than not, outside of traditional enterprise perimeters.

As a result, the market must move from point products in the cloud to Secure Access Service Edge (SASE, pronounced “sassy”), a transformation Gartner predicts will happen by 2024. This emerging security and networking architecture model, introduced by Gartner last year, converges networking and network security into a single cloud-native service.

As edge computing breeds complexity, latency and the need to decrypt and inspect encrypted traffic, the demand for the consolidation will only increase. SASE is different from other approaches because of the security breadth it brings.

Combining web, network, app and data security into one provides visibility and control across the cloud, network and endpoints. Hybrid enforcement allows the same management and policies to be enforced from anywhere, which leads to increased speed, lower costs and uniformity.

Behavioral Analytics Can Protect Devices at the Edge

SASE also enables behavioral automation and risk-adaptive protection, which are particularly crucial as warfare evolves. There aren’t just more devices connected to the internet; those devices are growing in complexity and speed thanks to AI and machine learning, which have bolstered offensive and defensive capabilities.

It’s imperative for the military to protect technologies at the edge to ensure they aren’t manipulated and used against their forces. If, for example, military systems, communications, security cameras, IoT sensors or card readers get compromised, organizations must have the security in place to react quickly.

Organizations must leverage behavioral analytics for IoT devices communicating back to the cloud. Behavioral intelligence can be integrated into cloud-based security platforms to extend automated and risk-adaptive protection. This adaptively shapes and enforces security policies across enterprise endpoints or devices with no administrator intervention — and can do so across an agency’s entire on-premises and cloud infrastructure.

This allows organizations to gain insight into human and machine behavior, thus helping protect AI-fueled digital transformation efforts. On the human side especially, administrators should implement management and monitoring plans that focus on the individual, even in a widespread edge environment.

A highly targeted security approach, such as one that involves monitoring individual risk profiles and user behaviors, is preferable since security measures can be targeted at individuals without creating friction throughout the entire workforce.

Edge Computing Requires New Security Controls

As edge computing is combined with cloud computing, it requires the same rigorous security considerations as with running in the cloud. That is a challenge for many organizations today, given their current security infrastructure.

As IoT and the tactical edge continue to grow, organizations will be forced to adapt. Agencies should begin to reconsider their current architecture to support the tactical edge now, embracing a cloud-native approach that can underpin simplified network and security administration down the line.

There is no question that SASE will play a leading role in this transformation, enabling greater cloud app performance, cutting the complexity of security hardware and connectivity, and increasing visibility and control, among other benefits. Only by investing in this foundation will organizations be able to realize the benefits, latency and bandwidth included, of edge computing.

gremlin/Getty Images