Containers Are Temporary, But Container Data Is Not

Uploaded on 2022-09-16 in TECHNOLOGY--Resilience, FREE TO VIEW

Containers are maturing and becoming an essential technology for organisations as they implement an application-modernisation strategy.

With all their code consolidated into a single package, containers can be spun up quickly and seamlessly moved from one computing environment to another. They can also be spun down when their work is complete, so they don't consume resources while sitting idle.

That's a massive bonus for developers. With containers, it is now feasible to move an application from a testing environment to a live production environment - or migrate from a physical machine to a virtual machine in the cloud.

Containers also enable developers to reuse code as they focus on building high-value software. That is one reason why it is projected that as much as 80% of workloads will shift to containers by 2023.

Despite all their upsides, one big challenge comes with containers: data storage and protection. Containers are temporary by nature. But storage, by its nature, is permanent. As they quickly spin up and take down containers, organisations find that containers' lifespan is often shorter than the data they create.

Data storage can't live by the same rules as containers: continuous creation and destruction. Instead, container data must be backed up and stored to protect against such risks as system outages and the data loss that can happen during the migration and deployment of new applications.

As companies look to ramp up their container strategy, most fail to understand that a robust and reliable data backup and recovery plan is a necessary part of that strategy. After all, if a company loses any mission-critical data during any stage of the container's development, it could potentially put its investments at risk.

Containers and containerised applications need a place to store and secure their historical data. Why? Because that data holds essential value to the organisation. For compliance or other reasons, container data needs to be stored and protected long after the container has been spun down.

Data Protection Is On You

One misunderstanding is that if containers are stored in a cloud service, data is automatically protected, and a complete recovery plan is in place. It is simply not the case. Cloud providers offer a baseline service for running containers and orchestrating their operations. But it's still your data, so you need internal policies to protect that data and recover it with minimal loss in the event of an incident.

It's important to remember that data consumed by containers is not a time-based process, with scheduled backups every few minutes or hours. Instead, it is event-driven. For instance, if you modify a container but don't get the results you anticipated, you'll probably want to revert that container to the previous state. But to do that, you need a proper backup of that previous state. These scenarios now make data storage a front-burner issue for IT developer teams.

So how can you ensure that your data is securely stored and backed up when using containers?

  • First and foremost, don't assume containers are immune to disasters or threats. All container applications and data should be part of your overall data resilience and protection strategy. The onus is on you to adequately secure every container in your environment.
  • You must also ensure that you protect the place where the data is stored, including the systems, the storage devices, and databases housing copies of your data. And as you expand your containerisation efforts, you must ensure your overall disaster recovery strategy can evolve to accommodate new data generated by emerging technologies and next-generation applications.

The Time To Tackle Backup Is Now

The bottom line is that properly backing up your data is still critically important and will only grow in importance in the days, months, and years ahead. As more organisations continue to embrace containers, they will create more data that needs to be backed up, stored, and protected.

Yes, containerisation brings a lot of new benefits to application development. But it also brings new challenges to data backup and recovery.

For this reason, organisations must pay serious attention to storing and securing their data processed by containers. If they do it now and do it right, they can enjoy the many advantages containers offer and move forward with confidence that their data is safe.

Florian Malecki is Executive Vice President of Marketing at Arcserve

You Might Also Read: 

Think Carefully Before You Pay For Cloud Downtime Insurance:

 

« Three Simple Steps To Effective Cybersecurity
How to Manage Cybersecurity Staff Shortages »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Linklaters LLP

Linklaters LLP

Linklaters is an international law firm. Practice areas include Information Management and Data Protection.

InfoWatch

InfoWatch

InfoWatch solutions allow you to protect data and information assets that are critically important to your business.

Critical Infrastructures for Information and Cybersecurity (ICIC)

Critical Infrastructures for Information and Cybersecurity (ICIC)

ICIC addresses the demand for cybersecurity for National Public Sector organizations and civil and private sector organizations in Argentina.

CERT NZ

CERT NZ

CERT NZ supports businesses, organisations and individuals affected by cyber security incidents, and provide trusted and authoritative information and advice.

Haechi Audit

Haechi Audit

Haechi Audit is a leading smart contract security audit firm. We provide the most secure smart contract security audit and smart contract development services to our global clients.

Snowflake

Snowflake

Empower your cybersecurity and compliance teams with Snowflake. Gain full visibility into security logs, at massive scale, while reducing costs of Security Information and Event Management systems.

Precursor Security

Precursor Security

Precursor Security are information security specialist, delivering all aspects of Security testing, Cyber Risk Management, and Continuous Security Testing.

Nonprofit Cyber

Nonprofit Cyber

Nonprofit Cyber is a first-of-its-kind coalition of global nonprofit organizations to enhance joint action to improve cybersecurity.

Wib

Wib

Wib is an API security leader. We are the only company providing a solution for the entire API development lifecycle.

Ostrich Cyber-Risk

Ostrich Cyber-Risk

Ostrich Cyber-Risk is a risk management company that helps organizations reduce the complexity of identifying financial and operational risks related to your cybersecurity posture.

SphereX Technologies

SphereX Technologies

SphereX is the first on-chain security solution for Web3 applications.

JLS Technology

JLS Technology

Since 2007, JLS Tech has been recognized as one of the world’s most innovative cybersecurity and technology operations leaders.

Recast Software

Recast Software

Recast Software exists to simplify the work of IT teams and enable them to create highly secure and compliant environments.

Gutsy

Gutsy

Gutsy uses process mining to help organizations visualize and analyze their complex security processes to understand how they actually run, based on observable event data.

BreachBits

BreachBits

BreachBits are on a mission to deliver world-class cyber risk insights continuously at scale in situations where knowing the true risk truly matters.

Mitra Informatics Integration (MII)

Mitra Informatics Integration (MII)

Mitra Informatics Integration is the information communication technology solution business of the Metrodata Group.