Red Hat has published the results of its recent survey that raises a number of major concerns about security. In the report, it highlighted that:
67% of organizations have reported delaying or slowing down deployments due to Kubernetes security concerns
37% Experienced revenue or customer loss due to a container/Kubernetes security incident.
In my opinion, there are a number of reasons why this might be happening:
- Kubernetes security is often perceived as complex because it is indeed a complex platform with a lot of moving parts.
- This complexity makes it difficult to secure every aspect of the platform.
- Kubernetes is constantly evolving. This means that security best practices can quickly become outdated.
The Importance of Backup and Recovery and Why Should You Care?
As noted above with 37% having experienced a security incident, Kubernetes is a popular target for attackers. Kubernetes is used by many organizations across all sectors and industries, and it is increasingly often used to host critical applications.
Backup and recovery are essential for any organization that uses Kubernetes. It is insurance against attacks. A good backup and recovery plan can help organizations recover from a variety of security events, including ransomware attacks, site outages, and data breaches.
Unfortunately, in the survey, 35% of respondents said their existing container and Kubernetes security solution slow down development, which perhaps explains that people are unable to fully test their solutions before meeting production deadlines. To make things worse, an alarming 45% of respondents experienced a misconfiguration incident.
At Trilio, we understand the challenges that people face when developing applications for Kubernetes and it is why we developed a backup tool to provide an intelligent recovery specifically for Kubernetes and OpenShift clusters.
The survey continues to report that due to misconfiguration:
40% of users are worried about ransomware
38% of users are worried about exposure to sensitive data
34% of users are worried about data deletion
Trilio offers a cloud-native Kubernetes and fully certified Red Hat Operator that includes additional discovery, backup, and recovery tools as part of the standard NIST (National Institute of Standards and Technology) framework, empowering users and administrators with the ability to:
- Natively protect applications that are trusted, encrypted, and available as immutable backups
- Reduce recovery times during a security incident (RTO) utilizing Trilio’s Continuous Restore technology
- Provide point-in-time inspection of misconfiguration by allowing users to compare backup data to the expected running state of an application
Final thoughts
Like other enterprise-class solutions, Kubernetes security is a complex and ever-evolving topic. However, organizations should not take shortcuts and always consider implementing a backup and recovery solution for Kubernetes as part of any deployment. A modern backup and recovery plan can help organizations recover from a variety of security events, including ransomware attacks, site outages, and data breaches.