Summary
Highlights
Edge computing devices are more exposed and vulnerable to attack compared to cloud systems. Unlike secure cloud environments, edge devices are in the real world, necessitating strong security measures.
Physical security of the device is crucial. Operating system security, similar to securing smartphones, involves secure boot, encrypted hard drives (e.g., BitLocker for Windows), strong authentication, and regularly changing passwords. Implementing security keys for IoT devices is also recommended.
For larger edge devices, running operating systems like Linux or Windows is common. Windows, specifically Windows 10 IoT Enterprise, offers significant security capabilities such as application whitelisting, preventing unauthorized processes. Basic measures like antivirus scanning and regular updates are still vital. Operating systems like Windows offer built-in firewalls (e.g., Windows Firewall since XP) which should be enabled and configured to only listen on necessary ports like 443 for SSL.
In IoT, devices should primarily initiate outbound connections and maintain strong authentication. While some edge devices might need to listen for incoming data, especially in industrial settings using protocols like Modbus or OPC, robust firewall configurations are essential.
The concept of updating software over the air, established with Windows Update in the 1990s, is critical for modern edge devices. Continuous updates for security patches, antivirus definitions, and operating system components are necessary because vulnerabilities can emerge quickly. An embedded operating system on edge devices must be capable of self-updating to maintain security, akin to how ATMs built on Windows IoT leverage robust security.