What’s in a name? This security article highlights how some cloud definitions, such as edge computing, could in fact place some data, or even entire applications, on your systems, so that unbeknownst to you, they become your liability.
The term edge computing is fuzzy enough; does it mean the edge is inside my firewall or outside? Am I updating the software or is it auto-updated? Is the app running on my hardware or on the service provider’s hardware? On my premises or on theirs? These issues will become even more complex as advances in 5G deployment enable old architectures to be re-crafted on new platform technology that then employ new names to well-worn existing architectural definitions, such as headless architecture, to sound new and innovative:
“Edge Processing vs. Cloud Computing
Say you wanted some of your AI security computation done on-premises. This could be for various reasons, but the most compelling might be latency: you might want a door to open when an employee walks up to it via facial recognition. If you have to push the video to the cloud, process it there, return a result, reach back out to the door controller and open the door, there might be a few seconds of delay — during which your busy employee might smash their nose into the door.
How to fix this? Well, you could process the video onsite. Run the video through a computer onsite, frame by frame, and when the AI identifies the employee, send a command to the door controller. This could save a few seconds of upload/processing/download time. Welcome to edge processing.
We are assuming that the solution provider is providing this local computer: they manage this computer remotely, and they are still responsible for making sure everything works. It sounds like the cloud, except the processing is performed at the customer’s site — at the edge. It’s cloud-based on our definition above, except something is running on-premises. This edge processing is still legitimately part of a cloud-based offering because your provider handles all the hardware and support.
All that Glitters is not Cloud
Now let’s turn our attention to the term “Fake Cloud.” Fake cloud is when a surveillance security provider slaps a DNS/DDNS entry on a computer that your company owns and operates in order to achieve the same goal. You might be logging into something like:
• www.legacyprovider.com/yourcompany
• www.yourcompany.com/legacyprovider
• https://yourcompany.legacyprovider.com
But you might still be logging into a computer at your offices. So what just happened? Suddenly your company owns that computer and is responsible for its care and feeding, and it’s your problem if the data is lost, patches aren’t done, or the computer is hacked.”
The article also includes a graphic that clarifies cloud versus edge versus fake cloud across several attributes.
Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group