The Edge: One Step Closer
Jon Polly, PSP, SICC, IC3PM
Security Technologist, Smart City Security Strategist
A simple look at this thing called "The Edge". What is it? How did we get here? And how do we protect it?
How we got here is easier to define than what "The Edge" is. Traditionally there was a device connected by a cable to a centralized network; connectivity reached only as far as the network did. Then the Internet of Things (IoT) sensor was introduced and became a catalyst for convergence between Information Technology (IT) and Operational Technology (OT). IT focuses on people and processes, while OT focuses on monitoring and controlling physical devices. When the two converge, traditional IT functions of compute and data retrieval get pushed out into the devices themselves. IoT now allows sensors such as thermometers, cameras and others to be placed wherever they are wanted, with a variety of connectivity options. "The Edge" allows the IT (Something) as a Service model to work with traditional OT applications, so OT devices are now cost-projected on a per-user or per-person basis.
What is the Edge? The edge is the wearable technology. The edge is the sensor. The edge is the decentralized source of data.
The days of large data centers filling the basement are going away. Technology is being pushed to "The Edge" to make data actionable faster and cheaper. In compute terms, "The Edge" means processing close to the source, so less data travels back and less centralized storage is needed, whether that data is sensor data, IT data, or even traditional SCADA data. By processing at the edge, the cost of servers, real estate, and running the data center may be reduced or eliminated.
"The Edge" means mass expansion becomes possible. End users can now buy what they need and add as they need. In many cases they can expand systems at "The Edge" rapidly, treating the spend as an operational expenditure (OPEX) rather than a capital expenditure (CAPEX). The edge becomes the next frontier: how much can we put at the edge, and how small can we make it?
"The Edge" means speed. In terms of security, we can do many things faster at "The Edge" than at the server, with significantly less processing power. We can now process on the sensor, or on a co-located appliance at the sensor, where that appliance or sensor works only for itself or a handful of neighbouring sensors. Each sensor gets a much smaller, but much less taxed, compute resource. Speed of processing means speed of results. When time is of the essence, even milliseconds count, and even on a high-bandwidth network the round trip to a central server is the part that cannot be optimized away. "The Edge" lets the result be produced where the data is, in a fraction of the time that round trip would take.
Now, here is the difficulty that both the IT industry and the OT industry have with "The Edge" right now: how does it get secured? A server is easy. A data center is easy. On the IT side, they patch the servers and put agents on the servers and laptops that prompt for a password change. On the OT side, they create a strong username and password (hopefully) and upgrade firmware on a maintenance schedule. For the data center, they install cameras and card readers. Threat actors stopped, or so the thinking goes. At "The Edge", there may not be a door. The door may be at a street intersection, or three states away. "The Edge" may not have a device you can put an agent on.
Securing, and cyber securing, "The Edge" is a problem today. Some sensors have hardening guides, or prompt the installer to harden the device during installation, but is it really hardened? Does it meet NIST standards? Does it meet IT standards? Does it meet the individual end user's standards? As Connie Morella is credited with saying, "Standards are like toothbrushes. Everybody wants one but nobody wants to use anybody else's." Which standard is the right one? One concept is that if "The Edge" cannot be secured like a traditional IT network, then don't try to. If the device cannot be trusted, don't trust it. The IT edge and the OT edge are not the same, and yet they are: different appliances, possibly different users, but the application can be the same. The concept that has become synonymous with securing "The Edge" is the Zero Trust network: trust nothing and no one, and verify every device and every request regardless of where on the network it sits. Don't get me wrong, this is not easy, but it is becoming essential. One thing to note here is that the traditional IT infrastructure edge is much closer to readiness than the OT infrastructure edge.
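To make "trust nothing and no one" concrete for an edge sensor, here is an added example (not code from the article or from any product it mentions) of the admission check a gateway or co-located appliance could run on every reading. The device IDs, per-device keys, message layout, 30-second freshness window and sample readings are all constructed for this illustration. The point it shows: the reading is accepted only because it proves possession of that device's key and is fresh and unseen; the source IP address, VLAN or physical location of the sender is never consulted, because at the edge there is no "inside" to trust.

```python
"""Zero-trust style admission check for edge sensor readings.

Added illustrative example, not from the article. Every reading must prove
which device sent it with a per-device secret, no matter where on the
network it arrived from. Device IDs, keys and messages are constructed.
"""
import hashlib
import hmac
import json

MAX_SKEW_SECONDS = 30  # assumed policy: reject readings outside this window

# Constructed per-device secrets. In a real deployment these are provisioned
# at install time into a secure element or key store, never hard-coded.
DEVICE_KEYS = {
    "cam-intersection-0412": b"k7vQ2xP9mLz4Rt8Wn1Hs5YbA",
    "thermo-roof-07": b"Zq3Nf6Vd0Lc8Kj2Pm4Xt9Rb1",
}


def canonical_bytes(device_id, ts, nonce, payload):
    """Deterministic encoding of the fields covered by the MAC."""
    fields = {"device_id": device_id, "ts": ts, "nonce": nonce, "payload": payload}
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def sign_reading(device_id, ts, nonce, payload, key):
    """What the sensor (or its co-located appliance) does before sending."""
    mac = hmac.new(key, canonical_bytes(device_id, ts, nonce, payload),
                   hashlib.sha256).hexdigest()
    return {"device_id": device_id, "ts": ts, "nonce": nonce,
            "payload": payload, "mac": mac}


def admit_reading(msg, now, seen_nonces, device_keys=DEVICE_KEYS):
    """Gateway-side check. Returns (accepted, reason).

    Deliberately absent from the inputs: source IP, VLAN, or "came in on
    the sensor network". Only the per-device key establishes identity.
    """
    for field in ("device_id", "ts", "nonce", "payload", "mac"):
        if field not in msg:
            return False, f"missing field {field}"
    key = device_keys.get(msg["device_id"])
    if key is None:
        return False, "unknown device"
    # Verify the MAC before any content-dependent state change (such as
    # recording the nonce), so unauthenticated data never touches state.
    expected = hmac.new(key, canonical_bytes(msg["device_id"], msg["ts"],
                                             msg["nonce"], msg["payload"]),
                        hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, msg["mac"]):
        return False, "bad mac"
    if abs(now - msg["ts"]) > MAX_SKEW_SECONDS:
        return False, "stale timestamp"
    nonce_key = (msg["device_id"], msg["nonce"])
    if nonce_key in seen_nonces:
        return False, "replay"
    seen_nonces.add(nonce_key)
    return True, "ok"


def demo():
    """Run constructed readings through the gateway and return the verdicts."""
    seen = set()
    now = 1_700_000_000  # constructed "current time" in epoch seconds
    cam_key = DEVICE_KEYS["cam-intersection-0412"]
    good = sign_reading("cam-intersection-0412", now - 2, "n1", {"motion": True}, cam_key)
    tampered = dict(good, payload={"motion": False})   # MAC no longer matches
    unknown = sign_reading("rogue-box", now, "n2", {"motion": True}, b"not-provisioned")
    stale = sign_reading("cam-intersection-0412", now - 600, "n3", {"motion": True}, cam_key)
    return {
        "good": admit_reading(good, now, seen),
        "replay": admit_reading(good, now, seen),      # same message again
        "tampered": admit_reading(tampered, now, seen),
        "unknown": admit_reading(unknown, now, seen),
        "stale": admit_reading(stale, now, seen),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:9s} -> {verdict}")
```

The nonce cache only needs to remember entries inside the freshness window, since anything older is rejected by the timestamp check first; bounding it that way keeps memory on a small edge appliance predictable. Swapping the shared-key HMAC for a per-device certificate and mutual TLS changes the identity mechanism but not the rule: the reading is admitted on proof of device identity, never on network position.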
What "The Edge" is not. "The Edge" is not the cloud. The cloud has its own confusion separate from other systems. As the memes that keep getting passed around remind us, the cloud is someone else's data center. "The Edge" does not require a cloud. "The Edge" can be stand-alone, or be part of a decentralized system architecture. That decentralized network may involve a cloud, but it may instead contain a network of smaller, cheaper servers or stand-alone sensors running very specific processes. While "The Edge" does not require a cloud to operate, most cloud architectures require edge appliances or sensors.
"The Edge" is the current step in the convergence of IT and OT. Today most folks interact with "The Edge" and may not even know it. It is the step. There will be another, and another. More and more sensors and compute are moving to "The Edge" reducing the need for the centralized architecture.
Creator of The Path to Value and Founder of The Sage Group. Own your future. Own your value.
3 years ago: Jon Polly, PSP, IC3PM More people need to understand this. It will help them construct next gen strategies to navigate risk and opportunity. Thank you Jon