Implementing security best practices to maintain integrity at the edge

George Senzere, solution architect: Secure Power at Schneider Electric.

Industry 4.0, IIoT, smart manufacturing; all buzzwords that we’ve been talking about for years. Many of us have had visions of factory floors run by futuristic robots and drones reminiscent of SciFi movies like iRobot.

Well, it seems that life is indeed starting to imitate art; a 2021 McKinsey & Company survey concluded that many global manufacturing companies were able to keep their operations running during the pandemic, thanks to Industry 4.0. Furthermore, more than half of the respondents indicated that technology played a fundamental role in staying operational.

Moreover, according to recent studies, the COVID-19 pandemic has vaulted us five years forward in digital business adoption. More and more manufacturers are considering actively adoption “lights out” factories and supply chain.

The knock-on effect is remote operations continues to increase and similarly more and more connected devices are coming online which unfortunately is escalating the potential for cyber security attacks.

The divide between IT and OT starts to fade and with that, the rise in prominence of the IT function on the factory floor. This places even more emphasis on the CIO’s role, especially when it comes to maintaining secure operations. People, process, and procedures will always be integral in securing network environment which includes the edge.

To reap the benefits of digitisation and automation, CIOs are deploying edge data centers in manufacturing settings to ensure they have the capacity to capture this incremental amount of data as well as benefit from improved speed and lower latency.

However, a local edge datacentre includes IIoT devices, switches, routers, servers and virtual environments. And with this comes a plethora of endpoints which in turn increases the attack surface for cyber criminals and hackers.

Cybersecurity best practices for edge computing

Managing the abovementioned risks require the proper implementation of security best practices for devices, networks, and applications. IT decision makers need to implement a comprehensive cybersecurity approach focused around these four tactics:

Selection criteria: Microsoft introduced the Security Development Lifecycle (SDL) to consider security and privacy concerns throughout the entire software development process. It’s important to validate vendors develop their applications, devices, and systems following a well-implemented SDL.

An appropriately integrated SDL process can reduce vulnerabilities and coding errors with the necessary mitigations to secure the application, device, and system, while, improving the reliability of the software and firmware.

Another popular security standard, IEC 62443, specifies process requirements for the secure development of products used in industrial automation and control systems as well as edge IT applications. It defines SDL or the purpose of developing and maintaining secure products.

Secure network design: As edge computing evolves and grows, so will the need to design network security for the devices and systems running in the edge. Securing access to the edge should include only providing access to resources via encrypted tunnels such as VPNs and the proper implementation of firewalls and access control systems.

Device configuration: Before an embedded device or software-based system is used in an edge application, proper analysis conducted to understand how the device / system communicates and how the device /system functions within the use case at the edge.

Best practices for device configuration include performing vulnerability assessments upon receipt of the device, verifying that the device can be configured to disable any unsecure protocols and finally, ensure all patches and updates for the device are current before final deployment.

Operation & maintenance to reduce the risk of breaches: There are specific best practices for applications, patch management, vulnerability management, and penetration testing that apply to operating and maintaining all edge applications.

Edge computing provides high-speed delivery of data for edge applications, essential for today’s business. It reduces network latency by providing the processing and delivery of needed information locally. However, it is critical data edge security maintains the integrity, availability, and confidentiality to support and strengthen business needs and objectives.

Read more