Driven by surging digital transformation initiatives and IoT deployments around the world, more edge computing sites than ever are being established to meet localised demands. However, one unintended side effect is the difficulty of properly securing these far-flung systems.
Rise of edge devices
The danger is not limited to core systems such as servers, storage and networking equipment, but the ancillary equipment needed to support them such as power distribution units (PDU), cooling units, IoT sensors, and uninterruptible power supply (UPS). Because these devices pose a security problem and could be potential vectors for cyberattacks, they must be properly secured and monitored.
Unfortunately, facility managers do not necessarily have the expertise or bandwidth to manage these devices. It is also not feasible for a security professional to monitor the hundreds or even thousands of such devices. The result in most cases is a lack of visibility into the infrastructure, which translates into an inability to protect them from cyberattacks.
The chore starts to get “time-consuming and difficult” at as few as 20 devices, explained by Schneider Electric in a blog post. And it gets more challenging with geographically dispersed facilities such as edge data centres.
The cost of insecurity
The security threat on this front is not something in the theoretical realm, but one that has been observed by security researchers. According to Steven Brown, Head of Product Management for Secure Power Software at Schneider Electric, security researchers from Microsoft had previously found attempts by organised groups to compromised popular IoT devices across multiple customer locations.
The modus operandi is straightforward: Hackers gain initial access through a misconfigured or unpatched device. Once in, they launch internal scans to find other vulnerable appliances. This continues as the beachhead is expanded, allowing the bad actor to establish a substantial hold upon the network.
There is a clear need for tools that make it easier to not just manage traditional data centre equipment but to stand in the gap for security experts. Organisations need a way to quickly determine the status of their data centre deployment, such as which devices require a firmware update, find misconfigured or poorly secured equipment, and to install the latest security patch.
EcoStruxure by Schneider Electric
To fill this void, Schneider Electric came up with a new security assessment that is offered as part of its EcoStruxure IT Expert platform. The next-gen DCIM software leverages cloud-based technologies to actively monitor their data centre infrastructure.
A new security monitoring feature makes it trivial for customers to continuously assess the state of their systems. This ranges from configuration errors with security implications, out-of-date firmware, or whether some of the devices are simply too outdated to support security best-practices.
In comments published on Schneider Electric blog here, David Radszuweit, the CEO of Linespotting AB and a 25-year veteran in the industry, was a pilot customer of the security monitor feature. He shared about how the system proved to be a real eye-opener and helped him discover security issues on devices that he did not think existed. “It was a real eye-opener,” said Radszuweit.
You can learn more about Schneider Electric’s EcoStruxure IT Expert monitoring software here.
Chi Sen Gay, Head of Data Center Software Solutions, APJ & EMEA, Schneider Electric