Cloud Operations Will Depend on Virtualized Containers in 2016
This is the first in a two-part post. In this first part, I’d like to discuss how mainstream use of the cloud has turned the spotlight on the value of containers and the need to secure them.
If containers were a Wall Street stock, they’d be the hottest commodity. The tech world is buzzing about the benefits they offer: efficiency, reduced costs and increased flexibility. Developers tell us containers are much easier to use and scale in deployment. Hosting providers say they appreciate the efficient way containers allow them to offer software platforms to customers. Organizations that are moving applications to the cloud say containers allow them to go about it in a smarter, more economical way.
If surveys are to be believed, some 70 percent of enterprises are already using or considering moving towards virtual containers. A recent survey shows, and the upward trend shows no signs of slowing.
The Future of Containers in the Cloud
The cloud finally reached mainstream acceptance among enterprises in 2015, according to a Forrester Research report. That trend is expected to accelerate in 2016, as clouds are increasingly recognized as more secure than some enterprise environments because of automated security.
The same report predicts that cloud operations will not just use, but depend on, containers in 2016, further cementing their place in the IT world. Containers will increasingly become a way to build new cloud applications and create hybrid cloud operations.
Forrester analyst Robert Stroud said in his blog that containers such as Docker have generated tremendous uptake among well-known cloud providers over the last year. They are already being used to deliver some of the largest and most popular cloud services and applications. Stroud attributed the popularity of containers to the ability to “build once and run anywhere” - increasing server efficiency and scalability for IT managers.
While containers are becoming a crucial component of cloud operations, I believe there’s still significant room for growth within enterprises. Of the 70 percent of organizations already using or considering containers, the vast majority of use is in development and QA environments, as TechCrunch reported. Few enterprises are using containers for mission-critical applications within the production environment, but that is expected to change.
Understanding Container Security
Like all new technology, containers bring with them a unique set of security risks and concerns that need to be addressed.
Containers are vulnerable in three ways:
- Because they are self-contained, containers may include outdated, vulnerable and non-compliant components, putting everything at risk.
- Users of containers have few controls to limit or monitor their use, making them prime potential insider threats.
- Cyber criminals can leverage a container’s use of a shared kernel to infect all other containers running on the same host, or even within the same application across hosts.
Containers should therefore be monitored and secured at all levels: from the container, to the host and across the application. And this must be done not once but throughout the lifecycle to ensure the best possible security.
While it is expected that container environments, currently still maturing, will provide many basic security controls that they lack today, it is unlikely that they will be able to keep up with the threat landscape while also catering to ever increasing requests for more features and more flexibility. A more focused, security-centric approach will be required - same as it ever was with the evolution of computers, networking, the Internet and the cloud.
Read the second installment of this post about the challenges that containers present in cloud operations and what security measures should be taken to solve them.