Containers Are Temporary, But Container Data Is Not

Uploaded on 2022-09-16 in TECHNOLOGY--Resilience, FREE TO VIEW

Containers are maturing and becoming an essential technology for organisations as they implement an application-modernisation strategy.

With all their code consolidated into a single package, containers can be spun up quickly and seamlessly moved from one computing environment to another. They can also be spun down when their work is complete, so they don't consume resources while sitting idle.

That's a massive bonus for developers. With containers, it is now feasible to move an application from a testing environment to a live production environment - or migrate from a physical machine to a virtual machine in the cloud.

Containers also enable developers to reuse code as they focus on building high-value software. That is one reason why it is projected that as much as 80% of workloads will shift to containers by 2023.

Despite all their upsides, one big challenge comes with containers: data storage and protection. Containers are temporary by nature. But storage, by its nature, is permanent. As they quickly spin up and take down containers, organisations find that containers' lifespan is often shorter than the data they create.

Data storage can't live by the same rules as containers: continuous creation and destruction. Instead, container data must be backed up and stored to protect against such risks as system outages and the data loss that can happen during the migration and deployment of new applications.

As companies look to ramp up their container strategy, most fail to understand that a robust and reliable data backup and recovery plan is a necessary part of that strategy. After all, if a company loses any mission-critical data during any stage of the container's development, it could potentially put its investments at risk.

Containers and containerised applications need a place to store and secure their historical data. Why? Because that data holds essential value to the organisation. For compliance or other reasons, container data needs to be stored and protected long after the container has been spun down.

Data Protection Is On You

One misunderstanding is that if containers are stored in a cloud service, data is automatically protected, and a complete recovery plan is in place. It is simply not the case. Cloud providers offer a baseline service for running containers and orchestrating their operations. But it's still your data, so you need internal policies to protect that data and recover it with minimal loss in the event of an incident.

It's important to remember that data consumed by containers is not a time-based process, with scheduled backups every few minutes or hours. Instead, it is event-driven. For instance, if you modify a container but don't get the results you anticipated, you'll probably want to revert that container to the previous state. But to do that, you need a proper backup of that previous state. These scenarios now make data storage a front-burner issue for IT developer teams.

So how can you ensure that your data is securely stored and backed up when using containers?

  • First and foremost, don't assume containers are immune to disasters or threats. All container applications and data should be part of your overall data resilience and protection strategy. The onus is on you to adequately secure every container in your environment.
  • You must also ensure that you protect the place where the data is stored, including the systems, the storage devices, and databases housing copies of your data. And as you expand your containerisation efforts, you must ensure your overall disaster recovery strategy can evolve to accommodate new data generated by emerging technologies and next-generation applications.

The Time To Tackle Backup Is Now

The bottom line is that properly backing up your data is still critically important and will only grow in importance in the days, months, and years ahead. As more organisations continue to embrace containers, they will create more data that needs to be backed up, stored, and protected.

Yes, containerisation brings a lot of new benefits to application development. But it also brings new challenges to data backup and recovery.

For this reason, organisations must pay serious attention to storing and securing their data processed by containers. If they do it now and do it right, they can enjoy the many advantages containers offer and move forward with confidence that their data is safe.

Florian Malecki is Executive Vice President of Marketing at Arcserve

You Might Also Read: 

Think Carefully Before You Pay For Cloud Downtime Insurance:

 

« Three Simple Steps To Effective Cybersecurity
How to Manage Cybersecurity Staff Shortages »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Maureen Data Systems (MDS)

Maureen Data Systems (MDS)

Our mission at Maureen Data Systems is to digitally transform business environments with the use of cloud infrastructure, security and privacy controls, data analytics, and managed services.

CybergymIEC

CybergymIEC

CybergymIEC is a global leader in cyber defense solutions and training services.

Agesic

Agesic

Agesic is an institution that leads the development of the Digital Government and the Information and Knowledge Society in Uruguay.

Balbix

Balbix

Balbix BreachControl™ is the industry’s first system to leverage specialized AI to provide comprehensive and continuous predictive assessment of breach risk.

Rigado

Rigado

Rigado's mission is to enable commercial IoT success by providing high-performance secure and scalable wireless edge connectivity and network infrastructure.

Vector Informatik

Vector Informatik

Vector Informatik is a specialist in automotove electronics and provides services, embedded software and tools for securing embedded systems against cyber-attacks.

NuCrypt

NuCrypt

NuCrypt is developing technology that is applicable to ultrahigh security data encryption as well as key distribution.

Swedish Incubators & Science Parks (SISP)

Swedish Incubators & Science Parks (SISP)

Swedish Incubators & Science Parks (SISP) is the Swedish industry association for Swedish incubators and science parks.

Ethyca

Ethyca

Ethyca builds automated data privacy infrastructure and tools for developers and privacy teams to easily build products that comply with GDPR, CCPA Privacy Regulations.

Trava Security

Trava Security

Trava simplifies cyber risk management for business owners and IT professionals. Automated assessments, mitigation advising, and data-driven cyber insurance.

Netizen

Netizen

Netizen is an award-winning company that develops and leverages innovative solutions to enable a more secure cyberspace for clients in government and commercial markets.

Gray Analytics

Gray Analytics

Gray Analytics is a Cybersecurity Risk Management company providing best-practice services across a broad spectrum of cyber scenarios for both government and commercial customers.

Protek International

Protek International

Protek International delivers world-class Digital Forensics, eDiscovery, Cyber Security, and related Advisory services.

Bitdefender

Bitdefender

Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide.

ConductorOne

ConductorOne

ConductorOne is building the identity security platform for the modern workforce.

Layer 8 Security

Layer 8 Security

Layer 8 Security is a cybersecurity advisory, consulting, and technical services firm that arms businesses with practical compliance, risk management, and security program strategies.