Security Experts:

IT Teams Question Security of App Containers: Survey

Container technologies are becoming increasingly popular among IT decision makers lately, as they offer a means to deploy applications faster when compared to traditional methods. 

As container technology startup Docker explains on its website, containers “wrap up a piece of software in a complete filesystem that contains everything it needs to run: code, runtime, system tools, system libraries – anything you can install on a server.”

Although containers speed up app deployment and reduce costs, many concerns surround the rather new technology being deployed in data centers around the world. According to a recent survey of 272 IT decision makers in North America conducted by container security specialist Twistlock, 91 percent of the respondents said they were concerned about the security of containers. 

Earlier this year, a Red Hat survey found that security is only one of the concerns regarding containers, in addition to integration effort, management, and existing knowledge and skills required to manage containers.

Despite those concerns, containers are widely adopted, with 86 percent of the respondents in Twistlock’s survey saying that their companies have already deployed containers or plan on doing so in the next 12 months. Additionally, 35 percent of IT admins said that containers are already widely used across their enterprise infrastructure

The survey also revealed that 81 percent of IT decision makers who do not use containers in their networks would adopt a container strategy, should in-container security be provided. Furthermore, 40 percent of respondents admitted that they have no container security strategy, and 62 percent said they run containers within virtual machines.

When asked about the values of container security, 83 percent of the respondents said that they were looking for a consistent model from development through to production. Meanwhile, 82 percent were interested in preventing development mistakes from reaching production, and 80 percent valued the ability to detect vulnerabilities in containers.

55 percent of the respondents said that they use 100 or more containers during normal operations, while most of them said they were using Docker as the source for container images (49 percent use Docker Hub and 50 percent use Docker Trusted Registry).

“This survey shows what Twistlock has known all along—that even though containers are accessible and easy to deploy, many companies do not have a good grasp of how to manage container security. This remains a major adoption hurdle that is keeping data centers from migrating to containers completely” said Ben Bernstein, CEO of Twistloc, which helps customers identify vulnerabilities and enforce security policies across the container lifecycle,

While security concerns can be expected for any new technology, a recent Gartner analysis of Docker security largely gives Docker security a thumbs up, F5’s David Holmes highlighted in a recent SecurityWeek column.

“On a fundamental level, container security is equivalent to hypervisor security,” Holmes wrote. “If you can suspend your disbelief about security to the point where you accept the additional layer of risk because there is no “air gap,” then you’ve got to be good with both hypervisors and containers. Sure, Docker is not as mature as VMware, but that’s just one parameter in your equation—as container security matures, the reduced threat surface may lead to fewer vulnerabilities than full virtual machines.”

view counter