Red Hat SummitBlog de Red Hat
Security is a worry because Edge is perceived as a weak point that will provide hackers and malware with millions of new openings into the digital infrastructure that supports tomorrow’s global economy. Yet, although Edge security poses risks, and there are plenty of holes to fill, there are also many leading ICT companies that focus on the big picture and can provide end-to-end security both for individual devices and for the network as a whole.
There are two types of security with which we must concern ourselves. The first is the security of the actual Edge devices; the second is the security of the data those devices collect and send to other points in the network.
Many devices ship with security holes, also known as zero day bugs. But even devices without bugs might be hacked eventually. When that happens, most vendors will send out patches and ask owners to install them – and most people won't. Let's talk through one of the bigger security issues we've seen with Edge and how to take the right precautions to prevent hacking.
Passwords
Most passwords are still set at their factory defaults; getting someone to actually update their own devices is a pipe dream. Hangzhou Xiongmai Technology learned this the hard way. Its DVRs and connected cameras got pulled into a Mirai botnet that took down large parts of the internet. Weak default passwords opened them up to the attack. The company had stopped shipping units with those weak passwords the year before, but for older products, it was reduced to asking owners to update the firmware and change the password manually. This means two things to the consumer and the edge industry at large.
First, hackers love IoT devices and Edge computing because they're plentiful, overlooked, and because it's up to vendors to build in security and allow for automatic over-the-air updates (which, at this point, they still don’t do).
Second, once the data has been collected and is in the cloud, it is a huge target for hackers. Hacking has become the newest sport. People from every country are attempting to hack service providers and companies to steal data. This is another weak spot, because the more data we save and collocate, the greater the opportunity a hacker has to access it – unless we take the right precautions.
Red Hat protects against this by directly integrating into a system that provides end-to-end security for the network [from device to edge to cloud to internal networks].
Red Hat Security
Red Hat security starts with design. The design workflows used ensure collaborative and accountable processes across your teams to define and implement security into the IT lifecycle. If you are using technologies that have highly connected environments (like cloud), know that some of the control might be in the hands of a third-party vendor.
Red Hat uses automation to build security into the foundation of your infrastructure. DevOps uses automation to run a continuous feedback loop throughout all stages of the application life cycle. “Building security in” borrows this practice–even if you aren’t a DevOps business.
Red Hat runs security on enhanced platforms, because traditional models of security that rely on manual processes are not compatible with the world we live in; especially if you use modern cloud technologies. Red Hat relies heavily on automation and whether you are using physical, virtual, private or public cloud, we make sure your infrastructure is embedded with protective and security-enhanced platforms that are common across all your environments.
Red Hat assigns roles early and according to your specific security needs; which will help you maintain a resilient security environment. Red Hat ensures privileges are assigned only to those who need them to do their work. You probably do this when people join your company, but make sure to update user data periodically and then again if someone leaves.
Red Hat also helps by adapting to the ever-changing landscape both on a security level and within your changing infrastructure. We can also help you deploy a rapid response team to security threats which is one of the most important things you can do to protect your business.
For more information on what Red Hat does when it comes to your security, visit https://www.redhat.com/en/technologies/guide/it-security.
To learn more about Edge Computing check out the resources below:
Connect with Red Hat Services
Learn more about Red Hat Consulting
Learn more about Red Hat Training
Join the Red Hat Learning Community
Learn more about Red Hat Certification
Subscribe to the Training Newsletter
Follow Red Hat Services on Twitter
Follow Red Hat Open Innovation Labs on Twitter
Like Red Hat Services on Facebook
Watch Red Hat Training videos on YouTube
Understand the value of Red Hat Certified Professionals
