Maintaining Security in the Shift to the Intelligent Edge

By Michael Wignall, Azure Business Lead, Microsoft UK

Michael Wignall, Azure Business Lead, Microsoft UK

The era of the intelligent edge

From agriculture and transportation to manufacturing and retail, IoT is now commonplace in streamlining operations, reducing processing costs and ensuring businesses of varying sizes and sectors can remain competitive. As IoT has continued to evolve and enable true innovation for many businesses, we have reached the next phase in its realisation—the shift to the intelligent edge.

Combining hardware and software to gather and analyse data near the IoT device where it was collected as opposed to just in the cloud, the intelligent edge enables real-time data analysis, reduced bandwidth usage between the edge and the cloud, and advanced AI to run directly on a device.

The combination of the expansive computing power of the cloud and the ability to connect devices at the edge of the network creates an array of possibilities for CIOs. These include managing millions of connected devices simultaneously, access to valuable data, and the ability to create truly immersive multidevice experiences. As CIOs increasingly implement and evaluate their infrastructure options, one factor which must be considered as a priority is security.

With 20 billion devices expected to be connected by 2020, a holistic approach to security which is strong enough to handle the intricacy of IoT solutions, from cloud to edge, is crucial for every business. There are four key ways CIOs can do this:

1. Ensure security is built-in, not bolted-on

Any device that is connected to the internet has the potential to be targeted by an attack, with this risk increasing as more industrial devices and manufacturing services become connected. Within each of these devices, a microcontroller (MCU) will be present and there is no longer a need to integrate an ‘over the top’ security layer which adds complexity and cost to existing IoT systems.

As IoT has evolved to the intelligent edge, there is now a new class of MCUs with built-in security. This purpose-built operating system has been optimised for security and agility, and includes a cloud security service that guards every device. This also extends the reach of security protection to the outer regions of the intelligent edge.

The protection starts in the silicon with built-in not bolted-on security assurance, giving IoT developers and businesses alike the ability to produce the next generation of secure connected devices.

2. Securing the intelligent cloud

In maintaining security in the age of the intelligent edge, a second crucial area to consider is securing the intelligent cloud.

The key points for today’s CIOs to consider are ensuring that security is built-in, not bolted-on, securing the intelligent cloud and databases, and finally, strengthening long-term security frameworks

This is the core of IoT data storage, processing, and analysis, and is pivotal in providing real-time data, therefore making a malware attack potentially catastrophic. In managing updates and detecting attacks on an IoT deployment, moving to automatic device management can help simplify and bolster security.

Automatic device management works by updating a set of device twins with desired properties and reporting a summary that's based on device twin reported properties. It enables businesses to target a set of devices based on their properties, define the desired configuration, and then update the devices when they come into scope. This move allows CIOs and the wider IT departments to specify secure configurations just once and then have these managed by an IoT hub, which is well suited to managing projects at scale.

3. Prioritising database security

In today’s competitive landscape, business systems require high-performance, secure, and easy to manage databases that are optimised for edge scenarios. This includes integrating the ability to protect data at rest and in-motion on edge devices and at edge gateways.

This can be managed by deploying a central management portal which allows businesses to change and update all security policies within an IoT implementation from one central portal. It is also important to ensure that databases are secured using certificates, instead of passwords, to authorise identities when communicating with other local devices and with servers in the cloud. Unlike passwords or other authentication mechanisms that are based on shared details, certificates can’t be stolen, forged, or otherwise used to authenticate an impostor.

4. Futureproofing with long-term security frameworks

Alongside currently maintaining the highest levels of security within IoT systems, it’s just as essential to keep one eye on future planning. With the continually evolving range of threats, the security landscape within IoT is subject to a constant drumbeat of change.

Once the right security tools are integrated into an IoT solution the next step is to then anticipate and evaluate the wider security needs of the system and develop an outline framework of how to address this. A comprehensive birds-eye view of potential threats and vulnerabilities a business may face is the only way to establish security controls that will remain effective over the long term. Points to consider include industry threat profiles, anticipated changes to regulatory and compliance requirements, and possible budgetary restrictions.

Maintaining trust in IoT to facilitate future progression

As we continue to make huge strides in the sophistication and overall adoption of IoT within the age of the intelligent edge, ‘trust’ levels need to remain high for continued progression. The key points for today’s CIOs to consider are ensuring that security is built-in, not bolted-on, securing the intelligent cloud and databases, and finally, strengthening long-term security frameworks.

One business doing this well and leading the way for others is Starbucks. The technology-driven coffee company is using these core principles to connect and secure more than a dozen pieces of equipment in each of its 30,000 stores, which includes blenders and grinders. The IoT-enabled devices collect over a dozen data points for every coffee made, such as the type of bean, temperature, and water quality. This enables the business to be proactive when it comes to maintenance ensuring minimal downtime for repairs and business continuity. Starbucks is also able to send new coffee recipes directly to machines securely, at the click of a button.

There is no doubt that the threat landscape will continue to advance at a rapid pace. Businesses must, therefore, address security for the spectrum of the billions of connected devices from microprocessors to the smallest edge at the MCU level.