Living on the edge

As governments at all levels seek to enhance the quality and performance of urban services, reduce costs and resource consumption, and engage more effectively and actively with citizens, we can expect to see more smart cities rolled out.

Key enablers of smart city initiatives globally have been the adoption of 5G and IoT applications. The Asia Pacific region is home to some of the world’s most advanced 5G markets, with Australia, China, Japan, Malaysia, Singapore and South Korea aiming to be global leaders. But for smart cities to truly reach their potential, they need to harness the benefits of the edge.

Using the edge to drive smart city adoption

Gartner defines edge computing as “part of a distributed computing topology where information processing is located close to the edge, where things and people produce or consume that information”. Using the edge, data is processed on smart devices rather than sent back to the cloud. This reduces latency, improves response times, and makes services more robust and easier to scale.

The edge can add another layer of scale and performance and, with the right design, provide additional security and help minimise costs. The edge is where applications and services need a presence in order for digital business across any industry to be successful.

Users, applications and endpoints now exist across multiple locations and across different industries. This means businesses need solutions that enable real-time collaboration regardless of location, efficient deployment of distributed workloads and a secure connection. Organisations must be able to manage business disruptions in a rapidly changing environment, accelerated by the pandemic and further driven by ongoing global developments.

Investing and innovating at the edge can bring valuable public sector improvements, including reduced latency, increased scalability and improved security. Edge computing will be critical for agencies looking to drive a new wave of innovation with security at the forefront. Computing at the edge makes room for real-time processing and performance while empowering developers to ‘just code’ without needing to manage the complexities of supplying computing capacity and deploying code at the edge.

More workloads such as IoT and augmented reality/virtual reality are moving to the edge to take advantage of the benefits, but many are still too resource-intensive — such as Industry 4.0 and 5G networking processing — to be feasible. For the workloads that can be moved, the results can lead to transformational digital experiences for users and developers alike.

The significance of edge for Australia’s smart cities

Edge computing is ideal for smart cities, where utilities and traffic are managed through intelligent, semi-autonomous networks. Locally, smart city projects will increasingly rely on processing data as close to the endpoint as possible. Several current programs, including ‘Switching on Darwin’ and Palmerston’s smart city initiative, involve using technology to improve community safety, with both of these utilising CCTV cameras and smart LED technology to reduce street crime.

Similarly, Queensland’s Logan City Flooded Roads Smart Warning System (FRSWS) project involves 20 FRSWS signs fitted with sensor technology to provide real-time information on the status of roads across the municipality. Given how quickly roads can flood, time is of the essence in minimising the risk of drivers inadvertently driving into flooded roads.

Edge computing is also being trialled by the NSW Government in Greater Sydney to monitor compliance of rank and hail taxi passenger service providers.

All these initiatives have one thing in common — a need to gather, process and analyse data closest to the point it is being generated, in order to unlock real-time insights.

Security and privacy at the edge

While edge computing can resolve some of the privacy issues by accumulating data centrally, it can present security risks and leave personal data more exposed. For governments already grappling with cybersecurity and citizen privacy issues in existing, centralised systems, managing a new, remote realm of potential vulnerability is challenging, as well as ensuring secure data transfer between the edge and the cloud.

An edge platform with full visibility into the ever-evolving threat landscape can help mitigate attacks on customers across all industries by providing broad API protections to deal with DDoS, malicious injection, credential abuse and API specification violations, while providing scalability and performance for API traffic.

Moving your security stack to the edge is a step in the right direction, as this is where threats, users and applications are located. Utilising the edge ensures that attack traffic can be blocked right at its source, preventing access to its target.

Some approaches to consider when securing the edge:

• Adopting a Zero Trust approach is needed to prevent unauthorised access by malicious actors. With a ‘never trust, always verify’ approach across all entities — regardless of location, device or application and where the data is hosted — Zero Trust ensures only the right people have access to the network at any given time. Zero Trust thinks and acts like the Secret Service, being vigilant and methodically checking credentials before allowing access — even when they recognise the person.
• Implementing a security strategy that addresses internal and external threats is paramount. While common countermeasures such as multi-factor authentication (MFA), antivirus tools, and strong identity and access controls are a crucial part of the Zero Trust security strategy to defend against external attacks, businesses and government organisations also need a strategy to minimise the risk of cybercriminals reaching critical assets once defences are breached. Microsegmentation can play a pivotal role in alleviating the impact of infections that slip through the cracks. Once advanced threats like ransomware attacks penetrate a network, they start exploring the infrastructure for vulnerabilities and high-value assets. Microsegmentation ringfences critical data and systems to prevent or mitigate the damage once an attack has begun.
• Implement audit processes to manage data and application hosting changes at the edge. Where critical application parts or data segments are transferred to edge facilities that haven’t been authorised as secure to host them, organisations can mitigate events by centrally controlling and subjecting edge application and data hosting to compliance audits.
• Record all edge activity. It’s important to have full visibility into edge activities so that the organisation can make informed decisions if and when a breach occurs. Log all events associated with edge computing operations, including deployments, design modifications and access to any administrative modes from either a local keyboard/screen or remotely. Employees from IT operations and security departments should be notified before changes are made, and an escalation procedure should be created to inform management if anything unexpected is reported.
   

As more smart city projects are rolled out across Australia, securing the edge must be a top priority to mitigate security risks and cyber attacks.

Image credit: iStockphoto.com/metamorworks