Blog | Harrison Clarke

Improve security at the edge with DevSecOps

Written by Harrison Clarke | Oct 26, 2021 1:17:36 PM

From simple temperature sensors to the most complex machine vision cameras, the growing number of IoT devices produce a colossal stream of data that holds the potential to fuel innovation and deliver more value to customers. Yet to harness this growing computing power of connected devices, the data needs to be stored and processed efficiently. While cloud computing supports modern technological advancements thanks to its resiliency, scalability, flexibility, and speed, its capabilities are insufficient to ensure all IoT devices’ correct operation.

Edge computing is critical in helping enterprises process these massive amounts of data that can’t migrate to the cloud due primarily to latency, security, and higher costs. As a result, organizations in various industries (such as hospitals, retail chains, logistics providers, and many others) have already begun to move their workloads to the edge. According to IDC forecasts, the size of the global edge computing market will reach $250.6 billion in 2024.

Edge computing augments the capabilities of the cloud by bringing enterprise applications closer to the point of interaction. However, edge implementation requires a framework that supports an accelerated delivery of reliable software. The DevOps framework can help organizations harness the full business benefits of edge computing.

Understanding edge computing

Edge computing is a distributed computing science that stores, processes, and analyzes data closer to its source (connected devices or edge servers). With edge computing, the information doesn’t have to travel miles of networks for processing. When computations take place on end devices, there is nearly zero latency in data transmission. As organizations no longer need to transport large volumes of data to the cloud, edge computing uses significantly less bandwidth, thus reducing operating costs. Processing data locally also increases computing reliability and provides actionable insights that enable organizations to respond faster to market demands and improve the end-user experience, uncovering new business opportunities. In addition, edge computing can complement and expand the capabilities of traditional systems, allowing teams to apply existing technologies and practices at the edge.

Adopting edge computing within an organization’s IT infrastructure can lead to specific difficulties such as the need to ensure reliable deployment of applications to the edge, maintaining flexibility and scalability as the organization’s needs evolve, and addressing security issues associated with operating on a growing number of IoT devices.

How DevOps applies to edge computing

The distributed nature of edge architectures involves running applications and servers at the edge. Thus, implementing edge requires a framework to safely and reliably code, test, and deploy edge applications. Applying the DevOps methodology and continuous development principles helps achieve this. Plus, DevOps-led organizations can employ the same well-established processes and tools (such as containers) to deploy efficiently across edge infrastructures. Finally, applying DevOps principles to the edge allows teams to detect and prevent issues in connected devices early, thus reducing the risk of significant faults reaching the entire system.

Handling security issues at the edge with DevSecOps 

One of the most significant difficulties enterprises face when implementing edge computing is security. With each edge platform deployed, the attack surface is likely to grow. Keeping edge environments safe from hackers and security breaches is a high-priority task for operational technology teams

The DevSecOps approach assumes integrating security concerns into DevOps methodology. It aims at accelerating the software cycle, and its core principles include continuous integration, continuous delivery, continuous testing, and continuous deployment. To achieve the desired security level, ongoing collaboration between release engineers and security teams throughout the DevSecOps cycle is necessary.

Following the DevSecOps approach that automatically integrates security tasks into all stages of the software development lifecycle, enterprises’ operational teams have developed certain best practices to ensure security in edge environments. To name a few: 

  • Comparing the current configuration versus the desired state to ensure that the edge nodes are operating correctly;
  • Ensuring that all communications between an edge agent and management hub are encrypted;
  • Generating a cryptographic signing key pair and rotating them periodically.

Addressing security at the edge with DevSecOps

The substantial volume of data generated by IoT devices today is placing significant strain on the IT infrastructure of organizations. A practical solution to this problem is edge computing, which moves data processing to the edge of the network closer to its source.

While there are clear benefits for enterprises, the adoption of edge computing presents certain challenges — in particular, the importance of security is growing. Any sensor in the edge platform becomes, in fact, a full-fledged computer device that can be hacked. The distributed architecture of edge computing requires strong security practices to ensure all nodes are operating optimally and running on the latest version. All communication between edge applications and the control center follows strict encryption protocols. Following the DevOps methodology principles and DevSecOps approach, in particular, will help address security issues.