According to the PwC analysis, the market for edge data centers is expected to nearly triple by 2024 — from $4 billion in 2017 to $13.5 billion in 2024. What drives the demand for these small, local, and mission-critical data centers?
Data generated by the year 2025 is expected to be as massive as 175 zettabytes, a tenfold increase from a decade ago. Hence, as more and more data are collected, analyzed, and applied outside the traditional centralized data center model, the need arises for a complementary model: the cloud with an edge.
Taking into account the big picture, an edge data center works in parallel to the main one. A lot of enterprises are making their move towards the edge. This brings up the question of security. Despite being near and beneficial per se, how can edge data centers handle the safety of tons of data? Let’s take a deep dive.
What is an edge data center? How does it work?
Latency has become a critical concern due to big data, the Internet of Things (IoT), and the cloud, among other technology trends. To accommodate the data of end-users and devices demand anywhere and anytime, organizations across many industries are establishing edge data centers as a high-performance and cost-effective way to provide efficiency and functionality.
To put it simply, an edge data center is a smaller kind of data center that focuses on reducing latency and filtering out unwanted data. When it comes to smart cities and autonomous vehicles, being able to gather and process data in real-time is vital for safety and accuracy. Ideally, within edge data centers, the transmission of data is reduced as the location is nearer to the source of data.
In addition to this, within edge data centers, the massive amount of data from sensors, devices, and applications, can be sorted out accordingly. As a result, the important data are kept, stored, analyzed locally for faster and better data management and processing.
An edge server will be closer to the requesting machine and located inside an internet exchange point (IXP), allowing traffic to flow freely and quickly between two separate networks. It then becomes a hub that does some heavy lifting as devices in one network can request data from the other network.
Edge servers, that cache content in localized areas, can help to ease the burden off those servers. That is why moving files like media (images and videos) and digital records takes a much shorter time, leading for the resource to load sooner.
Security at the edge: challenges
When you consider the amount of data that will be processed, the edge can seem like a difficult landscape from a data security point of view.
Traditionally, a data center can be pictured as a large building with electric fencing, remote sensors, and security guards. These are essential to protect highly confidential servers. Now, as we move the data center closer to the end-user, the size of the sites becomes smaller.
This is the first security challenge of data centers. Remote edge data centers may not have security personnel or the same budget for protection as larger data centers. Thus, an infrastructure that lacks proper security measures can be susceptible to cyber-attacks such as tampering, theft, and hacking.
Despite the edge promising an upgraded performance that enhances the connection of many things on the outside to the cloud on the inside, this leads to creating "a big security challenge and a lucrative target for attackers,” says John Pescatore, director of emerging security trends at the SANS Institute.
The diversity of IoT devices and systems sitting at the edge also creates security challenges especially when industrial verticals with old-school supporting systems being merged with IT systems. For example, outsourced edge computing data centers may not always be compatible with legacy systems.
Edge data centers operated by third parties are usually kept updated to the latest versions of operating systems and architectures. This may cause problems as the edge is less optimized for old-fashioned enterprise applications of some businesses.
Another primary concern in edge data centers lies in the scale of deployment locations. “Instead of securing a majority of resources in a handful of core locations, the distributed nature of edge computing means that infrastructure, data, and applications could be spread across hundreds or thousands of locations,” says Dave McCarthy, edge strategies’ research director at IDC.
Being distributed may also result in unmonitored actions, data being lost in transmission, and other uncontrollable instances that may cause more harm than convenience. Moreover, many of the products and services for edge computing are relatively new, which means they still need to be under extensive security testing to be completely proven.
“For established vendors like Cisco, Google, AWS, Dell, etc., the software is still immature, and we are seeing [a] continuing stream of critical vulnerabilities exposed even in mature products at the edge,” Pescatore says. “Then there are dozens of startup vendors in the market that have no track record in secure products at all.”
The lack of maturity with edge offerings is by far the biggest security issue. Standardization of what an edge server and service really is as well as standards for secure architectures and system configurations from third parties is still underway.
Security at the edge: solutions
Considering how much is at stake in terms of data and infrastructure exposure, enterprises looking to take leverage of edge data centers will need to take steps to mitigate the potential risks.
How? Security must shift externally towards the edge of the network. Gartner calls this architecture a secure access service edge or SASE. According to the research firm’s forecast, by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE.
SASE is an emerging offering combining comprehensive wide area network (WAN) capabilities with comprehensive network security functions such as secure web gateways (SWG), cloud access security broker (CASB), firewalls as a service (FWaaS), and zero-trust network access (ZTNA), to support the dynamic secure access needs for digital transformation.
Thus, the benefits of SASE include reduced latency as this security solution at the edge enables requests for service to be authenticated at or near the point of access. For this reason, poor voice and video quality associated with Multiprotocol Label Switching (MPLS) traffic backhaul can be alleviated.
Secondly, by harnessing the cloud, organizations can reduce their carrier-provided private MPLS network costs. These costs can be cut by using a secure cloud interconnection exchange that consolidates hybrid and multi-cloud access at the edges of an enterprise network.
As edge computing expands its coverage, the edge security requirement heightens as well. Other important aspects involved in edge security are securing access to edge compute resources via encrypted tunnels, firewall, and access control; employing proactive threat detection technologies to identify potential issues early; ensuring the applications being run are not compromised; and keeping the devices up-to-date to reduce potential attacks.
Edge: building trust for data
Security at the edge can be viewed as a daunting task. As it is certainly not a problem that can be escaped from, security and network monitoring can be implemented. Having secure solutions will allow enterprises and edge data center providers to address what’s wrong and build the trust needed.
Whether data is in production, use, storage, or transit, protecting it is easier said than done. What sets apart security for data at the edge? First, as devices enter and exit the network, they must be trusted to participate in the data domain. Likewise, the data itself must be trusted as the data in motion will be more vulnerable as it wanders across networks.
Trust in devices and data must be established to protect systems from interference and unauthorized access. One approach that might work is keeping the data encrypted and putting the key outside the network. Thereby, the data remains safe, even when the network is intercepted.
As artificial intelligence (AI) and other emerging technologies play unprecedented roles in society, malicious actors should be prevented from messing around with the data. Otherwise, it may cause grievous problems, and in the worst-case scenario, loss of lives.
Maximizing the real-time processing at the edge, machines and humans alike can act to remedy threats before they grow and work in parallel to guarantee confidence when it comes to handling and evaluating data.