Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Container Deployment Grows, Security Concerns Linger: Survey

While container adoption is likely to surge over the next few years, concerns around security, certification and adequate skills remain, according to a recent survey commissioned by Red Hat.

While container adoption is likely to surge over the next few years, concerns around security, certification and adequate skills remain, according to a recent survey commissioned by Red Hat.

The results of the survey, which tapped more than 383 global IT decision makers and professionals, revealed that 67 percent of respondents plan to have production rollouts of containers over the next two years.

Additionally, 50 percent of survey respondents said that they plan to use container-based applications in cloud roles, and 56 percent said containers would be used as vehicles for running web and e-commerce software.

Application development enhancements dominated as the top benefits of containers, with faster application deployment and reduced deployment effort topping the list at 60 percent each, Red Hat said, noting that forty-four (44) percent of respondents see containers as a means to consolidate existing servers.

The survey also showed that virtual machines are currently the preferred deployment method, with 83 percent of respondents planning to deploy containerized application implementations on top of virtual environments.

But what about container security?

Despite strong enterprise adoption plans for containers, the survey results highlighted a number of concerns, including:

• Security and a lack of certification/image provenance (60 percent of respondents)

Advertisement. Scroll to continue reading.

• Integration with existing development tools and processes (58 percent)

• Management (55 percent)

• Existing knowledge and skills (54 percent)

Finally, open source remains the dominant platform in the container world, with more than 95 percent of respondents planning container development on the Linux operating system.

Internal champions remain at the grassroots (39 percent) and middle management (36 percent) levels, with upper management and CIO directives playing limited roles in containerized application adoption within the enterprise, according to survey respondents.

Similar to virtual machines, containers benefit from resource isolation and allocation, but do not rely on an OS kernel, making them faster and more portable than virtual machines. However, containers hosted on the same machine must all use the same kernel, perhaps a reason for sparking security concerns by some.

“On a fundamental level, container security is equivalent to hypervisor security,” explained SecurityWeek columnist David Holmes in a recent column. “If you can suspend your disbelief about security to the point where you accept the additional layer of risk because there is no “air gap,” then you’ve got to be good with both hypervisors and containers.”

“The promise of container efficiency is leading some to predict that containers will eventually replace traditional virtualization systems,” Holmes added. “The ability to spin up containers in a second or less means they will proliferate to deliver their value and then disappear, allowing the underlying operating system to boost the efficiency of the application’s circulatory system.”

“Ultimately, containers represent a significant paradigm shift for enterprise application development and deployment, whether used to modernize existing applications to build net new web or cloud-native workloads, or enable DevOps,” Tim Yeaton, senior vice president, Infrastructure Business at Red Hat, said in a statement.

“Large scale enterprise adoption can be accelerated by addressing enterprises’ concerns about security, management, and developing the right skills,” Yeaton said.

The survey, conducted online during Q2 2015, represented organizations ranging from Fortune 500 companies to state and local governments.

Related Reading: Disrupting the Disruptor: Security of Docker Containers 

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...