The Internet of Things, though still evolving, has pushed its way into the workplace. The result? CSOs are working overtime to keep up. What’s the protocol for these connected devices, and how do they fit into the existing security infrastructure?

The intelligent edge has emerged as a promising model for handling remote and varied connections—one that’s ideal for reconciling IoT with your topology.Instead of funneling unprocessed, raw data directly back to your network, intelligent edge computing allows data gathered from peripheral devices to be processed off-network and then transmitted back to the network as a finished product.

Instead of funneling unprocessed, raw data that hasn’t been molded or organized to match your existing infrastructure, the intelligent edge allows devices to be deployed at the network’s edge. As an operational solution, this expedites the connection process, decreases latency and increases the number of connections you can make at any one time.

The intelligent edge presents a unique opportunity to streamline the integration of remote connections. However, handling security outside the firewall also comes with its own slew of risks. Here are a few things CSOs should be aware of as they consider taking advantage of the intelligent edge.

Network outsiders

When we talk about the intelligent edge from an IT security perspective, we’re really talking about a range of use cases and initiatives in which resources are handled outside the firewall.

Since these connections are made in a demilitarized zone [(DMZ), outside of the usual, rigorous IT infrastructure], a higher degree of risk needs to be accounted for to ensure the whole system stays secure. This means keeping better watch over these devices than those assimilated to the network, and, subsequently, setting up different thresholds. It means filtering all traffic and ensuring that the data is encrypted in transit.

Devices connecting at the edge should be authenticated and vetted in multiple ways to make sure the device is compliant and without vulnerability. Once the device is secured, we can go farther by strategically limiting network access to moderate the scope of potential breaches.

Holding down the fort

The first step to creating a secure intelligent edge infrastructure is to sufficiently secure both IoT device communication and edge gateway appliances receiving that data from IoT devices.

Ensuring that both the transported data and the gateway appliances are properly secured requires positioning both in a properly secured and monitored DMZ environment. With this configuration IoT devices route through the intelligent edge’s single access point. This approach enables the collection of valuable analytics at a single point, instead of haphazardly or in a scattered collection. As a result, you can better see the bigger picture and get a more complete story about your devices, your users and behavior.

By streamlining data collection, you also limit the number of vulnerabilities detectible to potential attackers. The best rule of thumb in IT security is always to limit the number of network entry points. It’s easier, after all, to defend one gateway instead of a hundred. The intelligent edge allows you to do just that, routing all devices through one point and thus limiting the attack surface accessible by malicious actors. Meanwhile, by processing the data gathered from those remote devices up front—before sending that data back to the edge—you ensure a quicker, smoother process that limits the likelihood of anything getting caught in transit.

But buyer beware: the security of the information gathered at the edge is only as secure as its final destination. In many instances, this means the cloud. Since cloud storage is notoriously less secure than on-site storage, precautions need to be taken. By consolidating data collection, you raise the value of the incoming packages, so the onus is on your team and your cloud service provider to guard the data accordingly.

One easy step you can take to protect data collected this way is similar to how you collected it: store it in as few disparate locations as possible. By limiting where the data lives to one or a few locations, you’re again reducing the surface area available for attack as well as leaving less room for human error.

Since the intelligent edge protocol is still relatively young and untested, pay special attention to anything in its pipeline. Limiting storage to a single destination makes it much easier to monitor for anomalies and protect from threats.

The ramparts we watch

With its rapidly expanding frontier, IT needs regular booster shots to maintain sufficient security. The intelligent edge, like all new technologies, presents promising opportunities, especially when dealing with remote workloads and IoT devices. However, incorporating these new technologies into a network requires careful planning, risk identification, and properly designed security from concept to deployment and into production. Most importantly, organizations need to be thoughtful about how they assimilate it into their security infrastructure.

With new technologies constantly introduced into the marketplace, networks will increasingly grow more complex. Mitigating the associated risk ultimately means remaining vigilant while adapting to continuously emerging and evolving threats. We will certainly continue seeing the adoption of new technologies, such as the intelligent edge, in our environments. As we continue to adopt, risk will subsequently evolve, but so too will the rewards.


Related Blog Posts

See All Blogs

Keeping Your Agency Secure in the Cloud

Like it or not, no government is permanently safe from cyberthreats. The agencies that protect their citizen data the longest are the ones that best assess the risks facing them daily. It’s a situation that doesn’t change after organizations adopt…

GCN: Securing Data in the Cloud Requires Planning, Constant Vigilance

Government agencies know -- and have largely accepted the fact -- that moving to the cloud is inevitable. Where many start struggling is with the “how.”  How do they move legacy systems to the cloud? How do they choose the…

NextGov: It’s Time to Tackle the Problem of Unapproved Cloud Apps to Keep your Agency Secure

It’s a problem seen across all federal agencies: Employees are using cloud-based applications that aren’t approved or protected by IT teams. These apps range from sharing tools, such as cloud storage platforms, to social media sites or personal email accounts…

GCN: Why Blockchain Belongs in Government

Anyone with a finger on the pulse of the latest cybersecurity trends has probably noticed an increasing number of contributions to the blockchain conversation. The dialogue around blockchain, while loud, clear and growing, has been largely undirected for the past…

Federal Times: Can Industry Bridge the Government Cyber Skills Gap?

Federal agencies have until April 2019 to identify critical work roles and skill shortages in IT and cybersecurity as part of the Federal Cybersecurity Workforce Assessment Act. While this is a first step in determining a holistic approach to address…

CSO: Getting the Most out of Your Security Budget

There may be no more pressing need in today’s online world than quality cybersecurity, making it a top-line item for just about everyone. But even as the need builds, the salaries rise, and the expectations heighten, resources remain scarce. Security…

NextGov: The Time to Automate Security is Now

Cybersecurity threats are constantly evolving. Unfortunately, federal IT teams often find themselves low on resources, which means being proactive to combat them is a pipe dream. So how can leadership focus on strengthening their agency’s security posture when they spend…

TechTarget: Hyper-Converged Infrastructure Solutions Boost Channel

Enterprises are turning to hyper-converged infrastructure solutions because of their simple deployment model and high levels of automation. Some channel partners are cashing in on the technology shift, but traditional storage products still represent an enormous market. In this article…

CSO: Ways to Improve Your Security Team’s Response Time

When it comes to incident response, every second counts. The severity of breaches varies, but since damage done directly correlates to the time a malicious actor has access to your systems, it’s paramount that all threats are discovered and remediated…

3 Ways to Unleash the Power of Your Next-Generation Firewall

We more or less abandoned pagers more than 15 years ago. Fax machines have gone from ubiquity to near obsolescence. And floppy disks? Many of the most recent generation of tech users have never even held—let alone inserted—one. And yet,…

Cisco Live 2018: Vendor Opens Management Console to Partners

In this article for TechTarget, Force 3's VP of Client Solutions Jason Parry weighs in on the new opportunities arising from Cisco DNA Center. In Cisco's latest nod to software, the company has opened its Cisco DNA Center to developers,…

NextGov: How to Integrate TIC Security with the Federal Cloud-First Mandate

When the Trusted Internet Connections (TIC) initiative was first introduced more than a decade ago, the goal was to improve security in government IT systems by limiting the number of individual external network connections to the internet. Before implementing TIC security…

CSO: Security Metrics You Need for the Board

No one wants to show up to an important meeting empty-handed. But with so many analytics right at their fingertips, how can CSOs pick the right numbers to reflect their work? Here are three imperative security metrics to have in…

GCN: Building a Better Agency Through Software Orchestration

In federal IT, there is sometimes fear that software orchestration will render the technology professional’s role obsolete. This mindset, however, is misguided. In reality, the exact opposite is true: Orchestration has the potential to not only make federal IT workers’…

Preventing Ransomware Attacks the Right Way

Ransomware attacks continue to be a major threat with no sign of slowing down. Here are some lessons organizations can learn from federal agencies to better prevent them. While ransomware is hardly a new threat, it’s far from being obsolete.…

Anomaly Detection: Stop Threats Before They Hit Your Network

In today’s IT environment, endpoint monitoring is fairly standard procedure. Most organizations have at least some sort of system in place allowing them to collect network monitor firewalls and collect network usage data to for network anomaly detection. But, by…

5 Reasons Why Vulnerability Management Is No Longer Optional

For agencies determined to create the most effective network security strategy possible, vulnerability management is no longer optional—it’s a necessity.  If there’s anything we’ve learned in recent years, it’s that cyber threats just keep coming. Thwart one and a new…

3 Use Cases for Harnessing Next-Gen HCI

These days, between budgeting shortfalls and the unending data explosion, federal IT organizations face significant pressure to do more with less. This decline affected all areas of IT including software, hardware, networks and outsourced IT services. But even as funding…

NextGov: No Better Time for Software Orchestration

As agencies look to modernize, software orchestration offers an opportunity to make sure all their software is working together. It makes sense: All of your software should work together. And, once implemented, software automation and orchestration can help IT systems…

Best Practices for Thwarting Insider Threats

Testing the excerpt override field.

Hyper-Converged Infrastructure (HCI): Scalability and QoS

For federal agencies, hyper-converged infrastructure (HCI) offers scalability, quality of service. Federal agencies today face extensive pressure to move faster. Nowhere is this truer than in the IT realm, where teams are expected not only drive operational efficiency and reduce…

Dark Reading: 3 Tips to Keep Cybersecurity Front & Center

In today’s environment, a focus on cybersecurity isn’t a luxury. It’s a necessity, and making sure that focus is achieved starts with the company’s culture. For IT departments — especially in large organizations — daily operations are complex, multifaceted, and…

GCN: The Hidden Challenges of Federal IT Modernization

In the next three years, an estimated $3 billion worth of federal IT equipment will reach end-of-life status, according to former U.S. Federal CIO Tony Scott. It’s an intimidating number, and one that indicates just how far-reaching the need is…

IoT in Federal: From Concept to Reality and Risk

The way we reconcile our security concerns with IoT’s inevitable integration will determine whether the revolution upgrades our lives or creates chaos.  Remember when the Internet of Things was more concept than reality? Those days are long gone. Demand for…

Stealthwatch vs. Insider Threats

In an evermore threatening cybersecurity landscape, how can organizations protect themselves from one of the greatest security risks of all: The Insider Threat. Did you know? 66% of cyber attacks in 2015 were carried out by insiders. 74% of organizations…

NextGov: How Can Agencies Prepare for a Software Future?

For federal agencies and their IT teams, change is inevitable. After all, it’s the nature of IT to change and grow alongside rapid innovation. Today, agencies must adapt as we shift from a hardware-centric model to an increasingly software-defined world.…

Insider threats: 4 vulnerabilities you’re missing

Here are four insider threat vulnerabilities that are undervalued and what we can do about them.

NextGov: How Endpoint Security Helps Secure Humans

Humans: We’re impulsive, we’re fallible, we make bad decisions, and sometimes we do so on purpose. And yet, when it comes to cybersecurity, we too often focus on securing the network, without fully considering the role of the actual network…

Beyond Prevention: Cisco’s Next-Generation Endpoint Security

When it comes to endpoint security, Advanced Malware Protection is critical. The only way to defeat today’s security threats is to address them holistically across the full attack continuum—before, during and after an attack. The Cisco approach of continuous endpoint…

Endpoint Security is Critical for Malware Protection

A layered defense strategy has long been a core tenet of information security. But with cyber threats rising and exploits growing more diverse, it’s now more critical than ever that IT security teams incorporate a range of detection and remediation…

How can we help your agency achieve its mission?

Maximize your IT investments. Learn more about solutions and services from Force 3.