Edge Computing Security ‘Explosion’ Paves Way For New Channel Frontier
‘It’s about protecting that remote branch that didn’t exist a year and a half ago,’ said Computex Technology Solutions’ Faisal Bhutto. ‘If you have 4,000 employees, that’s roughly 4,000 edges.’
It’s not a question of “if,” it’s a matter of “when” a business will be hit by ransomware or a devastating security attack. That’s because for most businesses the attack surface is larger than ever before due to increasingly distributed IT infrastructures as edge computing momentum takes off, said Aqueduct Technologies President and CEO Manak Ahluwalia.
“We’ve seen an explosion in customers reassessing and reinvesting in security tools and technologies,” said Ahluwalia, whose Waltham, Mass.-based company is seeing a 300 percent spike in cybersecurity revenue this year. “Through COVID, customers have moved to a much more hybrid workforce where users are all over the world. Pre-COVID, they were able to really surround and protect their key applications and data at their own locations.”
With more applications now moving to the cloud, a company’s ability to protect those applications is not the same because they’re not located within its own boundaries, according to Ahluwalia.
“Their employees are coming in from the internet or on personal devices and at locations that organizations are unable to protect. The amount of bad actors that have access or try to get access is now exponentially greater. … Many customers are starting to consume security at the edge,” he said.
Research firm IDC predicts that by 2023, more than 50 percent of new enterprise IT infrastructure deployed will be at the edge rather than inside data centers, up from less than 10 percent in 2020. IDC predicts the global edge computing market will reach $250 billion by 2024, with a compound annual growth rate of 12.5 percent over the next four years.
Solution providers say that security can’t be an afterthought at the edge as ransomware and cyberattacks continue to make headlines across the globe. One-third of all businesses worldwide have experienced a ransomware attack or breach over the past 12 months, according to a 2021 IDC study.
Vendors and solution providers are investing millions in launching new edge security offerings to combat the growing attack surface spurred by the global COVID-19 pandemic, as well as the uptick in public awareness of ransomware attacks. These offerings include new innovation around Secure Access Service Edge (SASE), SD-WAN with built-in security, and threat detection, response and prevention capabilities.
“We’re fighting back with SASE solutions, zero-trust security, multifactor authentication, stronger-than-ever identity access and authorization technologies and tools,” said Ahluwalia. “We’re seeing significant boosts in our Cisco and Palo Alto Networks security stacks. We’re seeing companies [like Lacework] pop up to solve issues that have been driven by the flight to the cloud and digital transformation. We’re making good inroads with companies like Arctic Wolf in managing threat detection and response for customers.”
Smart edge security solutions like Cisco’s SD-WAN Viptela fabric and Zscaler’s Zero Trust Exchange platform are excelling at thwarting attacks. In addition, solution providers are building their own Security Operation Centers as a service, cloud access security broker offerings, threat detection services and 24/7/365 incident response.
Solution provider Sentinel Technologies recently helped a customer that wanted better edge security as it migrated to the cloud. The solution it deployed consisted mainly of Sentinel’s own CloudSelect as-a-service and hosting offering, Cisco Viptela and Cisco Umbrella, as well as Oracle Cloud.
“They now essentially have an intrusion prevention system with detection capabilities and then policy-based segmentation of their wide-area network,” said Robert Keblusek, CTO of Downers Grove, Ill.-based Sentinel. “Users get the secure internet gateway, which is going to give us more cloud capabilities and more capabilities to do SaaS-based controls, and that’s running wherever the user is.”
Having an intelligent edge wrapped in security tools and channel services is key to a successful edge deployment, Keblusek said.
“It’s giving them the advantage of an intelligent edge that’s able to say, ‘Oh, this is [Microsoft] Azure traffic, so let me get a direct path because that’s the policy you’ve put in place. This is Oracle traffic, let me get a direct path to Oracle because you put that policy in place.’ So the previous network would have had to carry everything home and then it would have hit a traditional firewall, which had very little application knowledge. Whereas now, their intelligent edge gives people both local and cloud-based security parameters that they can do different things with.”
New edge security innovation from vendors, combined with solution providers’ managed security services, is preventing countless bad actors from gaining entrance.
“So if an incident were to arise, now customers are alerted and we’re alerted in real time, but our teams can act within minutes to basically block the attack on their behalf,” said Aqueduct’s Ahluwalia. “We’ve seen that countless [times] over and over again in the last year of just our ability to mitigate that risk and block that event, in some cases before customers even get out of bed.”
The Distributed Workforce
The home office has become the edge over the last 21 months for millions of employees around the world. If solution providers didn’t have edge security as part of their repertoires, they do now, according to Faisal Bhutto, president of cloud and cybersecurity at Houston-based solution provider Computex Technology Solutions.
“It’s about protecting that remote branch that didn’t exist a year and a half ago,” he said. “If you have 4,000 employees, that’s roughly 4,000 edges.”
And many more network edges could be “ticking time bombs” for customers if security isn’t addressed, Bhutto said.
At the same time, the number of mobile devices and connected endpoints has increased dramatically, making the attack surface at the edge much larger, he added.
“There’s plenty of opportunity and more dollars to be made in providing assistance to customers,” Bhutto said.
Solution provider giant Presidio has a nearly $1 billion cybersecurity practice with more than 300 security practitioners handling professional and managed security services for customers.
Presidio is baking security into the full IT stack at the software level, especially now with help from cloud consulting specialist Coda Global, which Presidio acquired in 2020. “We’re making sure we have security bolted down before we even get into a development environment,” said Dave Trader, Presidio’s field CISO.
The conversation around edge security is vital, Trader said.
“We’re trying to tell the story that the architecture of the network has to start with edge devices. It’s really how you architect and build up the network,” he said.
SASE, which has come onto the scene in the past two years, is helping businesses tap into the hybrid cloud and distribute their networking and security closer to their users at the edge. It’s an approach that Presidio is taking with the help of Cisco, which has put engineering resources toward SASE with its Cisco SD-WAN, Meraki next-generation firewall, Umbrella for Domain Name System-level security and ransomware protection, and Duo Security offerings for two-factor authentication, Trader said.
The edge requires a multidisciplined approach to security because it’s not about protecting one data center or physical boxes. Rather, it’s about users and devices that can be located anywhere in the world that need to be secure, he said.
At the start of the COVID-19 pandemic, New York-based Presidio was working with an architecture firm whose architects, now working from home, were spending close to eight hours downloading massive documents because they were backhauling to the data center to pull the files down to their local systems at home.
“SASE is the next phase in how we get data closer, more securely, to the end user,” he said. “To enable them to do their job, we really needed to move that data from wherever it was sitting closer to them,” Trader said. It wasn’t as simple as using the cloud, which still requires edge devices, he said.
Presidio worked with Cisco to bring the data closer to the users while also layering on security, including identity access management. “Edge computing helped us architect all of that,” Trader said. SASE is also helping solution providers take a platform approach to security at the edge. “I don’t like to go in and say [to a customer]: ‘Here are 12 security products you need,’” he said. “I need all these tools to sing in harmony, and I get that from a platform perspective with SASE.”
Edge security took on a new shape as the pandemic unfolded, Trader said. “At the onset of the pandemic, [the security industry] tried to do it the old way where everyone came in through this one particular drawbridge. But we don’t do it that way anymore.”
Like Presidio, Sayers, a Vernon Hills, Ill.-based IT consulting firm, is taking a platform approach to security at the edge with SASE, the “underpinning” of any distributed infrastructure conversation, said Joel Grace, senior vice president of IT infrastructure and cloud.
“There’s a big push for SASE right now, but if you look at how you would traditionally address these dynamics at the edge, it would involve several different products and solutions to slice up the different risk scenarios,” he said.
The process, he added, becomes very complex very quickly.
“Whether it’s users or IoT devices, customers are looking at how to solve this overall challenge with a platform, as opposed to a bunch of disparate vendor solutions, like WAN solutions and firewall appliances,” he said. “Complexity is the killer of uptime and security.”
The Surge In Ransomware Attacks
Many attribute the rise in ransomware attacks to the fact that users are no longer behind a corporate firewall, but in their homes, on the road or in coffee shops. That’s leading to a significant uptick in ransomware attacks that start with compromised credentials originating from remote desktops, Sayers’ Grace said. To protect its customers’ edge environments, Sayers is relying on Hewlett Packard Enterprise-owned Aruba’s secure network access control offering ClearPass and its SD-WAN, powered by Silver Peak, and on Palo Alto Networks’ security technology.
“You don’t have any control of where [employees] are working from in some cases or what public networks they’re connecting to,” he said. “Certainly, the more companies that adopt remote work … it’s just a numbers game. You’re going to see more impact in terms of security incidents.”
Sentinel’s Keblusek said ransomware threats at its customers are up 3X in 2021 compared with 2020. “We’ve done hundreds of customer responses,” he said. “You can have the most intelligent and secure edge, but you are still going to get bad actors inside. Customers who have our SOC and detection solutions have been in luck.”
Sentinel’s overall security business is up nearly 200 percent in 2021 year over year, thanks to roaring sales in edge security solutions like SASE and its SOC services. The company’s incident response sales are up more than 300 percent year over year in 2021, while SOC revenue has increased over 200 percent.
With offerings from Cisco StealthWatch to security artificial intelligence specialist Darktrace, Sentinel is striving to turn the tide for customers against edge security threats.
“We’re able to segment that corporate edge thanks to smart devices that can now look at the different types of traffic and say, ‘OK, here’s the policy that you want enforced on that. Here are the types of logging, alerting and alarming that you want on that to go to your SOC. By the way, there are certain types of traffic that we want to go direct to cloud,’” he said. “It also enhances the user experience because they may not have to go through different tunnels and channels that add a bunch of unnecessary latency. Smart devices are key when you talk about the workplace level of edge enforcement.”
‘The Success Factor’ For Data Insight
The largest infrastructure and cybersecurity vendors have been creating tailor-made hardware, software and services to improve security at the edge.
In just the past few weeks, Dell Technologies has launched a slew of new offerings laser-focused on edge environments with built-in security features. Round Rock, Texas-based Dell unveiled a new line of PowerEdge servers, a 5G-enabled Edge Gateway to securely connect multiple edge devices across IT and operational technology environments, VxRail satellite nodes to bring hyperconverged infrastructure efficiencies to the edge, and a pair of ruggedized Latitude PCs meant to withstand harsh environmental conditions at edge sites.
Bobbie Stempfley, Dell’s vice president and business unit security officer, said the edge plays a critical role in “the success factor for actuating the data.” As the amount of data continues to increase exponentially, gaining insight from data is becoming one of the most valuable assets for any company.
“Making sure we have the ability to process and actuate that data securely as close to where it’s collected is sort of the whole premise of the edge, which means that we really need to think about security intrinsically for edge solutions,” said Stempfley.
Data center power infrastructure companies are also heavily focused on securing the edge.
“[Researchers] claim that most of the breaches happening at the edge have to do with products coming from the OT side of the equation. [With] IT products, people take security very seriously; companies coming from the OT side … they’re not as used to it,” said Hervé Tardy, vice president of marketing and strategy for the Critical Power and Digital Infrastructure division at Eaton, Dublin, Ireland. Even though Eaton provides a lot of industrial products, they all have security embedded, “not only for UPSes and PDUs—the products that our partners are used to dealing with on the IT side—but also all the upstream power distribution,” he said.
Vertiv, meanwhile, has launched its Avocent ADX Ecosystem series of IT management devices and software built upon a secure common architecture that seamlessly integrates and scales to create a resilient management fabric at the edge.
“We’re making it so customers don’t have to take some legacy products and try to make it fit in an edge situation,” said Angie McMillin, vice president and general manager of IT systems at Columbus, Ohio-based Vertiv. “Avocent ADX Ecosystem is plug and play, designed to work wherever they are, but it also has the latest security features in it. … Channel partners are so key and pivotal to our growth at that edge.”
Boston-based Schneider Electric recently launched its Smart-UPS Ultra, dubbed an industry first in 1U 3W UPSes. It is 50 percent smaller and lighter than the company’s traditional batteries, meaning there’s more rack space inside edge environments for networking gear. Smart-UPS Ultra also utilizes Schneider Electric’s EcoStruxure remote monitoring, management and servicing offering that channel partners can leverage.
Solution providers, in turn, are looking to their vendor partners to simplify security at the edge. That’s because they are the ones battling the massive complexities sprouting up as businesses begin putting more IT budget toward accommodating new remote workforces and remote sites.
“We’ve been working on simplifying and reducing the complexity from a security toolset perspective,” said Aqueduct’s Ahluwalia. “Because of this, for a lot of our customers that are getting hit by ransomware today it’s a relatively minimal amount of impact. They’re down to a single user being impacted versus having an enterprise-level event because we’ve made their systems and tools really sound. … Customers are really thanking us for putting them in that type of position because it’s not a matter of ‘if’—it’s a matter of ‘when.’”
Jenifer Follett contributed to this story.