
Debunking the Myths Around Container Security


According to Gartner, around 70% of all organisations will be using at least three containerised applications by 2023. With an increasing number of businesses migrating to the cloud, and thousands of successful start-ups originating there, containerisation has become the number one choice for development and deployment. The use of containerised virtual runtime environments allows businesses to manage their software in the same way a conductor would orchestrate a group of musicians, balancing different resources and microservices to create the desired overall effect. It’s incredibly efficient and agile, and makes it easier for businesses to scale according to demand.

A survey carried out in 2019 by the Cloud Native Computing Foundation found that containerisation had actually become the new normal, with 4 in 5 deployment projects leveraging the technology. Most used Docker or Kubernetes to coordinate their container strategies, and containerisation has only continued to grow in popularity throughout the COVID-19 pandemic as more and more businesses increase their cloud native focus. 

However, as with all technologies that experience a boom in popularity, there are often misconceptions or misunderstandings attached. In the case of containerisation, a lot of these misconceptions centre around security. Indeed, many myths about container security have been perpetuated online over the past few years. In this article, we’ll take a handful of those myths and debunk them, so that your business can start to embrace containerisation and all of its benefits without fear.

Myth #1: Containers are inherently insecure

Even if you’ve only had a passing interest in containerisation, you’ll no doubt have read this on the internet somewhere. It’s an outright falsehood. In fact, containers are themselves by definition a security tool. They function as sealed containerised environments that can run applications in isolation, offering faster and safer mechanisms for software patching and updates versus something more traditional like a virtual machine (VM). To take this one step further, most container platforms actually have security capabilities built-in, such as ‘least privilege’, which limits container resources and visibility to essential resources only. This makes containers less likely to be seen or targeted during a cyberattack or malware incident. 

Myth #2: Containers aren’t as secure as VMs

This is a debate that seems to have been raging for years, but it’s all hot air. Of course, there are instances in which a VM might provide a similar or increased level of security when compared to containerisation, but ‘security is as security does’. In order for any business to secure its environment, it must use its chosen platform to its fullest potential. So whether or not VMs are more secure than containers is really a non-argument, as it completely depends on which platforms are used and how well they’re used by the business. 

Myth #3: Containers make compliance a nightmare

This is one of the most frustrating myths of all because the direct opposite is true: compliance is much easier with containers. By default, containers are far easier to audit, allowing businesses to apply and review security policies across entire machine clusters. A business could even automate access control rules across clusters that adhere to a specific set of industry or government regulations. Taking this approach can all but eliminate the risk of human error, therefore reducing the risk of penalties associated with non-compliance.
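As an added illustration (not code from the article), the sketch below shows what automated review of the ‘least privilege’ settings from Myth #1 can look like when applied to every workload in a cluster. It assumes Kubernetes-style pod specs; the sample manifests are constructed and the rule set is an illustrative baseline, not a named compliance standard.

```python
SAMPLE_PODS = [  # constructed sample manifests, not from a real cluster
    {"metadata": {"name": "web", "namespace": "shop"},
     "spec": {"securityContext": {"runAsNonRoot": True},
              "containers": [{"name": "nginx",
                  "securityContext": {"allowPrivilegeEscalation": False,
                                      "readOnlyRootFilesystem": True,
                                      "capabilities": {"drop": ["ALL"]}},
                  "resources": {"limits": {"cpu": "500m", "memory": "256Mi"}}}]}},
    {"metadata": {"name": "batch", "namespace": "ops"},
     "spec": {"hostNetwork": True,
              "containers": [{"name": "runner",
                              "securityContext": {"privileged": True}}]}},
]

def audit_container(c, pod_sc):
    """Return the least-privilege rules this container violates."""
    sc = c.get("securityContext") or {}
    findings = []
    if sc.get("privileged"):
        findings.append("privileged")
    # Escalation is allowed unless explicitly set to false.
    if sc.get("allowPrivilegeEscalation") is not False:
        findings.append("allowPrivilegeEscalation not false")
    # runAsNonRoot set on the pod is inherited unless the container overrides it.
    if not sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot", False)):
        findings.append("may run as root")
    if not sc.get("readOnlyRootFilesystem"):
        findings.append("writable root filesystem")
    drops = (sc.get("capabilities") or {}).get("drop") or []
    if "ALL" not in [d.upper() for d in drops]:
        findings.append("capabilities not dropped")
    limits = (c.get("resources") or {}).get("limits") or {}
    if not {"cpu", "memory"} <= set(limits):
        findings.append("missing cpu/memory limits")
    return findings

def audit_pods(pods):
    """Map 'namespace/pod/container' to findings; compliant containers are omitted."""
    report = {}
    for pod in pods:
        meta, spec = pod["metadata"], pod["spec"]
        host = [f"{k} enabled" for k in ("hostNetwork", "hostPID", "hostIPC") if spec.get(k)]
        for c in spec.get("containers", []) + spec.get("initContainers", []):
            findings = host + audit_container(c, spec.get("securityContext") or {})
            if findings:
                report[f"{meta['namespace']}/{meta['name']}/{c['name']}"] = findings
    return report

if __name__ == "__main__":
    print(audit_pods(SAMPLE_PODS))
```

The same functions can be pointed at the pod list exported from a live cluster in JSON form, which makes the review repeatable evidence for an audit rather than a manual check.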

The truth about containers

Hopefully, by debunking these myths, you’ll begin to see the true benefits of containerisation without the security ‘downside’ that’s often wrongly attributed to it. The fact that organisations are looking for integrated security features that operate across an application’s lifecycle is admirable. The truth is, containerisation fits that bill better than most - including VMs - without ever letting security get in the way of developer workflow. Far from hindering security, containerisation gives organisations a unique opportunity to bolster their security with the introduction of new policy and governance models based on the containers themselves. 

If an organisation’s goal is to develop and deploy apps in a competitive and agile way without giving an inch on security, containerisation should be right at the top of their digital shopping list. 

Author

Jon co-founded Hyve Managed Hosting in 2001. Since then, he’s facilitated the growth of Hyve from a small start-up to a hugely successful company with over 300 customers. With a background in software development, Jon has spent time at Goldman Sachs, JPMorgan Chase and M&C Saatchi throughout his career.
