As computing has become more distributed, security has evolved in multiple ways to address new use cases and cyberthreat vectors. One trend is edge computing, which is transforming how data is being processed and delivered. To briefly summarize edge computing, it involves making use of networks of edge devices, such as IoT, to process and compute data on-device in geographic proximity to the end-user, or where the data is ultimately delivered. Edge computing helps solve a number of problems, such as reducing costs of housing applications in a centralized data center, as well as reducing latency issues when processing in far-flung cloud clusters. The era of 5G, along with more powerful compute power packed into ever-smaller devices, should only accelerate the trend toward edge computing, making it more effective and economically feasible. Prominent use cases for edge computing today include augmented reality, self-driving cars, gaming, and smart cities—all areas that require super-fast processing and instant response.
Edge Security & Risks
However, this decentralized approach to computing at the edge requires a decentralized approach to data security. One such approach is edge security. The premise of edge security is that if everything is encrypted, and is transmitted encrypted, you should never have to worry about any resource (mostly data) being compromised. Thus, if all the resources on a device, anywhere in your network, are treated like an edge device, it should be exceedingly difficult to inappropriately access that resource, its applications, and the data contained on that device. If you encrypt all the data and file access, then, theoretically, you will not have to worry about these resources being shared, stolen, or inappropriately accessed by a threat actor.
Implementation of the edge security approach, as well as realization of the benefits, is not without its shortcomings and obstacles. Someone must configure these resources, set up encryption, enable management tools, and ultimately, for an end user, have some level of privileges to decrypt information for daily use. In addition, while data transmission can be completely transparent to the end user, the certificates and configuration of encryption also require privileges to configure. This is where zero trust and just-in-time privilege management can help significantly. Nonetheless, a gap remains in edge security for authentication.
Privileged account(s) are always needed to build out the edge security infrastructure, and they must be secured like any other highly sensitive privileged account. If not, a threat actor’s best chance of success at cracking edge security becomes the accounts used to manage edge security in the first place. Traditional privileged access management requires that these accounts become persistent, or always-on, and have a quantifiable risk based on time of exposure. What is needed is to apply an ephemeral method to control authenticated access to edge devices.
When does Edge Security make Sense?
Edge security is not for everyone. Many organizations will only adopt edge security on mobile devices, IoT, or for connectivity to the cloud. When implemented in a hybrid architecture, edge gateways commonly serve as the component that provides connectivity from hardened and encrypted environments to traditionally managed resources. Like edge devices everywhere, these gateways must be configured and managed using some form of privileged account. A successful threat actor will most likely target these devices (if exposed to the Internet) for misconfigurations, vulnerabilities, or poor privileged account management in order to infiltrate an environment hardened with edge security.
Managing or Accepting Edge Security Risks
Those of you who do adopt an edge security stance need to be mindful that attacks on the management tools, utilities, and certificates used for encryption and hardening present a genuine risk. And, unless you fully embrace a universal approach to privileged access management, an edge security approach will not be worth the considerable risks. If a threat actor obtains access to any of the applications used for managing edge security, or edge gateway security, then it is “game over”. These edge technologies themselves become the keys to the kingdom and must be guarded with the utmost diligence. So, what privileged access management disciplines will apply here? The answer—all three:
- Privileged Password & Session Management – The ability to centrally store, encrypt, retrieve, and automatically change passwords based on a workflow, and to enable access based on ephemeral, just-in-time criteria. Every session involving privileged access should be fully monitored and granularly managed.
- Secure Remote Access – The ability to manage remote access between any two edge systems and fully record visible screen activity, indexing of issued commands, and the ability to automatically identify inappropriate activity.
- Endpoint Privilege Management – The ability to remove administrative rights on any edge device and implement the concept of least privilege—regardless of device.
When applied to edge security, this universal privilege management strategy can mitigate the following four risks:
- Edge security applications, devices, and resources are placed under credential management. All passwords and certificates used for management are automatically rotated and unique per device. This ensures all management access is appropriate and approved, helping to prevent inappropriate lateral movement between edge devices due to reused passwords.
- All edge security device access for management is monitored and secured. Whether the access is from an internal resource, or a trusted vendor, access is encrypted, secured, and monitored per session to ensure all activity is appropriate and that no inappropriate changes are conducted.
- Privileged Access Management can be implemented to enforce zero trust and just-in-time access to privileged accounts used for edge management, ensuring all privileged access is granted only for a limited time, and only when appropriate.
- Encryption works when a threat actor has no chance to decrypt the information. With the correct privileged account, certificates, and access, all encrypted data can ultimately be decrypted into a usable form. If it could not be, it would serve no purpose. Organizations go to great pains to segment data and encrypt portions to prevent reassembly. Consider the PCI DSS requirements for credit card information as an example. If you can remove administrator rights to applications and the certificates used for encryption, you can mitigate some of the risk of a rogue administrator attempting to tamper with these controls. Endpoint privilege management is designed specifically to address this security risk. Applications that need superuser credentials to operate are obfuscated from the end user, and management can be conducted with explicit restrictions in order to constrain inappropriate access. A potential threat actor no longer has the privileges to undermine the solutions used to manage and monitor edge security.
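As an added illustration (not code from this post or from BeyondTrust), the hypothetical broker below models the controls just listed for an edge management account: a credential that is unique per device and per request, valid only for a bounded window, refused when replayed against a different edge device, retired when the session ends, and logged at every decision; the device and account names are constructed.

```python
import secrets
import time
from dataclasses import dataclass

@dataclass
class Grant:
    device_id: str
    secret: str
    issued_at: float
    expires_at: float
    revoked_at: "float | None" = None

class EdgeCredentialBroker:
    # Hypothetical broker: ephemeral, per-device credentials for edge management
    # accounts; refuses reuse on another device; retires the secret with the session.
    def __init__(self, approved, ttl_seconds=600, clock=time.time):
        self._approved = approved      # device_id -> set of accounts approved for JIT access
        self._ttl = ttl_seconds        # maximum exposure window per grant
        self._clock = clock            # injectable so tests are deterministic
        self._grants = {}              # secret -> Grant
        self.audit = []                # every decision recorded for session review

    def request_access(self, device_id, account):
        if account not in self._approved.get(device_id, set()):
            self.audit.append(("denied", device_id, account))
            return None
        now = self._clock()
        grant = Grant(device_id, secrets.token_urlsafe(24), now, now + self._ttl)
        self._grants[grant.secret] = grant      # unique secret per device and request
        self.audit.append(("issued", device_id, account))
        return grant

    def authenticate(self, device_id, secret):
        g = self._grants.get(secret)
        now = self._clock()
        status = ("unknown" if g is None else "revoked" if g.revoked_at is not None
                  else "expired" if now > g.expires_at
                  else "wrong-device" if g.device_id != device_id else "ok")
        self.audit.append(("auth", device_id, status))   # wrong-device = replay elsewhere
        return status

    def end_session(self, secret):
        g = self._grants.get(secret)   # credential dies with the session: no standing access
        if g is not None and g.revoked_at is None:
            g.revoked_at = self._clock()

    def exposure_seconds(self, secret):
        g = self._grants[secret]       # quantifiable risk: how long the secret was live
        end = g.revoked_at if g.revoked_at is not None else g.expires_at
        return max(0.0, end - g.issued_at)
```

The exposure figure is what makes the time-of-exposure risk the post mentions measurable per grant rather than open-ended, as it is for a persistent account.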
There is a lot of merit to, and legitimate use cases for, edge security, but only if your enterprise first has a strong security foundation, including privileged access security. The technology used to manage edge security resources suffers from the same flaws as almost every other information technology solution when privileged attack vectors are involved, including blockchains. Without proper privileged access management to control privileged access, manage passwords, monitor for inappropriate activity, and remove administrative rights, the edge security solution could itself be the source of the breach.
Morey J. Haber, Chief Technology Officer and Chief Information Security Officer at BeyondTrust
Morey J. Haber is Chief Technology Officer and Chief Information Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four Apress books: Privileged Attack Vectors (2 Editions), Asset Attack Vectors, and Identity Attack Vectors. In 2018, Bomgar acquired BeyondTrust and retained the BeyondTrust name. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. Morey currently oversees BeyondTrust strategy for privileged access management and remote access solutions. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.