Gartner Research Emphasizes the Importance of Edge Computing

The term “edge computing” may seem like another technical buzzword, but respected research firm Gartner believes that edge computing is fast becoming an industry standard. The world is getting faster and our need for real-time data processing is picking up as well.

So, what exactly is the edge? Edge computing refers to solutions that facilitate data processing at or near the source of data generation. For example, in the context of the Internet of Things (IoT), the sources of data generation are usually things with sensors or embedded devices. Edge computing serves as the decentralized extension of campus networks, cellular networks, data center networks or the cloud.

In the newsletter, we share Gartner research that boldly states that “the edge will eat the cloud” and that, “the architecture of IT will flip upside down, as data and content move from centralized cloud and data centers to the edge, pulling compute and storage with it.” Gartner predicts that as the demand for greater immersion and responsiveness grows, so will edge computing. “Edge computing provides processing, storage and services for things and people far away from centralized cores, and physically close to things and people.”

The offline-first functionality that the edge provides also eliminates issues like latency, bandwidth, autonomy and security. For example, when a question is posed to devices like Alexa or Google Home, there is an almost imperceptible lag while the data is retrieved from the cloud and relayed to the user. That scenario becomes dangerous when applied to other emerging technologies.

Gartner breaks it down: “For a self-driving car traveling 70 miles per hour, 100 ms equals 10 feet. But if we have two self-driving cars, or two dozen all traveling toward the same location, 100 ms is an eternity. A lot can happen in a few milliseconds – lives could be at risk.” The cloud simply can’t keep up.

The Gartner research presented also discusses the importance of edge technology as IoT continues to explode. “More and more physical objects are becoming networked and contain embedded technology to communicate and sense or interact with their internal states or the external environment. By 2020, 20 billion “things” will be connected to the internet.” Gartner states, “A more interactive, immersive human-machine interface will force data and computing to move closer physically, and to live in the world with people.”

Cloud Security: How to Secure Your Sensitive Data in the Cloud

In today’s always-connected world, an increasing number of organisations are moving their data to the cloud for operational efficiency, cost management, agility, scalability, etc.

As more data is produced, processed, and stored in the cloud – a prime target for cybercriminals who are always lurking around to lay their hands on organisations’ sensitive data – protecting the sensitive data that resides on the cloud becomes imperative.

Data Encryption Is Not Enough

While data encryption definitely acts as a strong deterrent, merely encrypting the data is not enough in today’s perilous times, where cyber attacks are getting more sophisticated with every passing day. Since the data physically resides with the cloud service provider (CSP), it is out of the direct control of the organisations that own the data.

In a scenario like this where organisations encrypt their cloud data, storing the encryption keys securely and separately from the encrypted data is of paramount importance.

Enter BYOK

To ensure optimal protection of their data in the cloud, an increasing number of organisations are adopting a Bring Your Own Key (BYOK) approach that enables them to securely create and manage their own encryption keys, separate from the CSP where their sensitive data is hosted.

However, as more encryption keys are created for an increasing number of cloud environments like Microsoft Azure, Amazon Web Services (AWS), Salesforce, etc., efficiently managing the encryption keys of individual cloud applications and securing access to them becomes very important. This is why many organisations use External Key Management (EKM) solutions to manage all their encryption keys cohesively and keep them free from unauthorised access.

Take the example of Office 365, Microsoft’s on-demand cloud application that is widely used by organisations across the globe to support employee mobility by facilitating anytime, anywhere access to Microsoft’s email application – MS Outlook and business utility applications like MS Word, Excel, PowerPoint, etc.

Gemalto’s BYOK solutions (SafeNet ProtectApp and SafeNet KeySecure) for Office 365 not only ensure that organisations have complete control over their encrypted cloud data, but also seamlessly facilitate efficient management of the encryption keys of other cloud applications like Azure, AWS, Google Cloud and Salesforce.

Below is a quick snapshot of how SafeNet ProtectApp and SafeNet KeySecure seamlessly work with Azure BYOK:

1. SafeNet ProtectApp and KeySecure are used to generate an RSA key pair of the required key size using the FIPS 140-2 certified RNG of KeySecure.

2. A Self-SignedCertificateUtility.jar (which is a Java-based application) then interacts with KeySecure using a TLS-protected NAE service to fetch the Key Pair and create a Self-signed Certificate.

3. The Key Pair and Self-signed Certificate are stored securely in a PFX or P12 container that encrypts the contents using a Password-based Encryption (PBE) Key.

4. The PFX file (which is an encrypted container using a PBE Key) is then uploaded to Azure Key Vault using the Azure web API (REST).

5. The transmission of the PFX file to the Azure Key Vault is protected using security mechanisms implemented by Azure on their Web API (TLS / SSL, etc.).

6. Since the PFX files will be located on the same system on which the SelfSignedCertificateUtility.jar utility will be executed, industry-best security practices like ensuring pre-boot approval, enabling two-factor authentication (2FA), etc. should be followed.

7. Once the keys are loaded into Azure Key Vault, all encryption operations happen on the Azure platform itself.
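Steps 1 to 3 and the at-rest concern in step 6 can be rehearsed locally with OpenSSL. This is an added example, not Gemalto's utility or code from the original article: a software-generated key stands in for the KeySecure-generated one, and the file names, subject name and passphrase are constructed. It builds the PFX with AES-256 password-based encryption and then checks that neither bag fell back to the legacy RC2/3DES schemes before the container would be uploaded.

```shell
#!/usr/bin/env bash
# Added example: local stand-in for steps 1-3 (no KeySecure, no Azure calls).

# build_pfx DIR PASSFILE
# Creates an RSA-2048 key and self-signed certificate, then packs both into
# DIR/byok.pfx with AES-256-CBC (PBES2) on the key bag and the cert bag.
build_pfx() {
  dir=$1; passfile=$2
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
    -subj "/CN=byok-example" \
    -keyout "$dir/key.pem" -out "$dir/cert.pem" 2>/dev/null || return 1
  openssl pkcs12 -export -inkey "$dir/key.pem" -in "$dir/cert.pem" \
    -keypbe AES-256-CBC -certpbe AES-256-CBC -macalg sha256 \
    -passout "file:$passfile" -out "$dir/byok.pfx" || return 1
  rm -f "$dir/key.pem"        # no plaintext key left beside the container
  chmod 600 "$dir/byok.pfx"   # step 6: the PFX sits on the local system
}

# pfx_is_strong PFX PASSFILE
# Succeeds only if the container opens with the passphrase, mentions no
# RC2/DES scheme, and shows AES-256-CBC PBES2 on at least two bags.
pfx_is_strong() {
  info=$(openssl pkcs12 -info -noout -in "$1" -passin "file:$2" 2>&1) || return 1
  echo "$info" | grep -Eq 'RC2|DES' && return 1
  [ "$(echo "$info" | grep -c 'PBES2.*AES-256-CBC')" -ge 2 ]
}

# Demo run in a throwaway directory with a constructed passphrase.
tmp=$(mktemp -d)
printf '%s\n' 'constructed-passphrase' > "$tmp/pass"
build_pfx "$tmp" "$tmp/pass" && pfx_is_strong "$tmp/byok.pfx" "$tmp/pass" \
  && echo "PFX uses AES-256 PBES2 for key and certificate bags"
rm -rf "$tmp"
```
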
