Virtualization Technology News and Information
Overlooking Kubernetes Security: The Biggest Downfalls for Companies

By Gaurav Rishi, VP of Products & Cloud Native Partnerships, Kasten by Veeam  

Cybercrime is set to cost organizations $10 trillion by 2025, and during that same time, container and Kubernetes adoption are becoming mainstream across organizations. According to Veeam's 2022 Data Protection Trends report, of those surveyed who were familiar with their organizations' container strategies, 56% of organizations are using containers in production already, with another 35% headed that way.

As Kubernetes adoption continues to drive Digital Transformation journeys for enterprises, attention has also been placed on the security measures - or lack thereof - with these new tools. The White House and other government agencies have already started scrutinizing open source and K8 security measures following the critical security flaw with Log4j, and company leadership is now left wondering whether their data is actually protected following Kubernetes migration. 

So, where's the disconnect? How is the use of containers and Kubernetes growing in popularity, but the proper security measures to ensure these environments remain protected against new and aggressive cyberattacks fall to the wayside? Part of this lies on the fact that teams believe Kubernetes development results in software that keeps data more stable and secure. In truth, Kubernetes environments are only as secure as an organization makes them.

Enterprises using Kubernetes often don't leverage the tools needed to ensure their cloud-native environments remain protected and capable to defend against the growing pressure of cybercriminals who are finding new doors to infiltrate companies every day. To better protect business applications, organizations need to consider three key factors to ensure they take a holistic approach to their modern cyberdefense plans. Let's explore these in more detail.

Just because it's in the cloud, doesn't mean it's protected

The biggest problem organizations have - even before a cyberattack hits - is that so many believe their data is protected automatically just because they've shifted to the cloud.

Replication or resiliency is not the same as security or protection. In the cloud, whenever a change is made (whether it be accidental, malicious, or on purpose), that change is copied over to every one of an organization's cloud regions.

Organizations must ensure they have additional security tools layered into their cloud and Kubernetes environments. Should data become compromised in these environments, recovery and backup tools must be present to get this information up and running again. This false sense of security that storing data in the cloud provides is the greatest gap facing most of the market using Kubernetes currently.

The benefit of leveraging automation

As enterprises continue to operate in hybrid environments, integrating more business applications across distributed teams, keeping track of which DevSecOps teams own management of which business applications becomes increasingly more difficult to monitor. On top of this, organizations are dealing with new technologies and the impact of the Great Resignation, which is causing a skills shortage and employee retention challenges. These elements make keeping track of application protection policies to ensure that security guardrails are updated and running efficiently that much harder.

The best thing an organization can do to get ahead of this is deploying automation when possible. With automation tools, DevSecOps teams no longer have to worry about ensuring each individual business application has protection policies set accordingly. Instead, they will receive automated suggestions based on the application makeup, aligning protection with business continuity needs. Setting policy protections becomes a hands-off process. Teams continue to be aware of the policies put in place, but they also have automation for blanket coverage as new applications are introduced into a cluster. 

Implement a security insurance policy

At the end of the day, no matter how an organization secures its infrastructure, there is no way to ensure cyberattacks such as ransomware won't happen. This is why it is critical that all companies adopt an insurance policy to recover when, not if, an attack happens. As a last line of defense, organizations should look for third-party solutions that offer infrastructure and location independence along with tamper-proof data recovery. This way, when an attack does hit, organizations can be assured the data they recovered is safe and organizations can get employees up and running quickly.

Data continues to be the #1 target for cybercriminals - regardless of which environment it's stored in - so organizations must prioritize protecting the data's confidentiality, integrity and availability. A data protection platform is an insurance policy against attacks on the destruction of data by offering immutability and swift recovery. While no organization is bulletproof to a cyberattack, it doesn't mean that an organization can't be as prepared as possible to quickly stop, remediate and recover from one.



Gaurav Rishi, VP of Products & Cloud Native Partnerships, Kasten by Veeam

Gaurav Rishi

Gaurav Rishi is the VP of Product at Kasten by Veeam. He is at the forefront of several Kubernetes ecosystem partnerships and has been a frequent speaker and author on cloud-native innovations. He previously led Strategy and Product Management for Cisco's Cloud Media Processing business. In addition to launching multiple products and growing them to >$100M in revenues, he was also instrumental in several M&A transactions. Gaurav is a computer science graduate and has an MBA from the Wharton School.

Published Friday, April 08, 2022 7:31 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<April 2022>