If future IIoT security lies at the Edge, then so do VPNs
It’s time to stop talking about cloud computing as an emerging technology.
So many large enterprises now use cloud services as part of their processing needs that it is safe to say cloud computing has become the norm. Current growth rates for basic centralized services from the big four cloud providers are very healthy.
Yet, the IT industry is already looking to the Edge as the next natural step for cloud services expansion. The Edge is where the management of cloud services happens locally on remote devices such as the Industrial Internet of Things (IIoT).
An essential step to securing cloud services at the Edge is encryption. Only by encrypting absolutely everything and hardening connectivity using virtual private networks (VPNs) will it be possible to properly secure cloud data that lies outside the data center.
Spreading Influence of Cloud
Public cloud services continue to enjoy healthy growth. Gartner is forecasting worldwide cloud revenues to increase by around 20% to $186 billion in 2018, rising to $260 billion by 2020.
Most of the world’s centralized enterprise services from raw processing power and storage to applications services and hosted private cloud are offered by just four providers - Amazon, Microsoft, Google and IBM.
Over the next few years, large companies’ confidence in public cloud services is set to become more assured. Correspondingly they are expected to entrust ever greater data workloads to online services.
However, the amount of enterprise data large companies are willing to entrust to cloud services is finite and at some point in the not too distant future these growth rates will start to plateau.
Taking it to the Edge
The next phase of growth will be to provide cloud management services on remote Edge devices. The increase in mobile bandwidth speeds needed to make this feasible should arrive in a few years’ time when 5G starts to roll out.
The idea is that remote devices such as IIoT equipment will be able to offer the same benefits as a data center yet operate independently.
A good example of cloud services at the Edge are self-driving cars. Such vehicles have hundreds of sensors that are in constant communication with the cloud. A typical journey relies on high speed bandwidth being available at all times. The moment there is any latency then the drive is in peril. However, if the cloud management aspects were already in the car, then latency would no longer be a problem.
Another example of the cloud coming to the Edge is in the case of digital assistants like Echo or Alexa. A typical voice request currently experiences a degree of latency while the speech is processed, relayed in digital form to the cloud for processing and eventual response. The delay while the round trip takes place can be quite noticeable.
To overcome this, firms are developing their own AI chips so that more of the cloud processing can take place locally. Advances like this promise faster response times, reduced server costs and, perhaps most importantly, a higher probability of data privacy.
Remote Environments Spell Increased Risk
The security management deficiencies of IIoT devices are well publicized. Deployment of IIoT equipment in remote, exposed locations – in stark contrast to the secure environments in data centers - makes it difficult to actively monitor them.
One of the issues facing Edge computing is the absence of any universally recognized security standards. Another challenge is in automating the process of updating software and patches at the Edge.
Privacy is also an issue. Only a third of all sensitive data stored in cloud apps is encrypted.
Physical security measures are also reduced. The remoteness of some locations increases the risk of hard drives going missing or malware being introduced.
Solving this conundrum requires the same trusted platform computing elements to be present in remote devices as in the data center. Proper protection for cloud management capabilities at the Edge starts with strong data encryption.
Regulations aimed at requiring manufacturers to build-in better security for IIoT devices are at a formative stage and it could be several years before a universal standard emerges.
Yet, the technology for shielding sensitive data at the Edge is already well-established and widely available. If data is encrypted and subsequently stolen it will be of limited use to any unauthorized party.
Bringing cloud computing to the Edge may take some of the processing outside the safety confines of the data center but by hardening connections with secure tunnels and VPNs it is still possible to provide managed protection for all kinds of IIoT equipment.
In summary, cloud computing is now mainstream. For years, large enterprises have opted to build and maintain their own IT infrastructure in the firm belief that it is the best and safest way to protect and manage their data. But cloud’s manageability, process efficiency and cost saving virtues are gradually winning them over. These same virtues have the potential to enhance the speed and management challenges associated with IIoT equipment.
VPN tunnels are the most reliable way to protect remote IIoT data connections, encrypting absolutely everything as it passes between Edge devices and their centralized control points to shield it from the unwelcome attentions of attackers and industrial spies.