Virtualization containers, with their extraordinarily efficient hardware utilization, can be a dream come true for development teams. While containerization will probably never entirely replace virtual machines in enterprise application deployment, increasingly popular systems such as Docker (400 million downloads and counting) and Google Kubernetes fulfill wishes on the checklist for the speed and agility required to develop, test and deploy software at scale. However, nothing being perfect, there is one main concern: security. To be clear, the Docker model does address security, but responsible and knowledgeable use is a must. When you start using Docker, you quickly discover that there are lots of downloadable templates (“images”) available from repositories (“repos”) that can be used as shortcuts for writing your own micro-services, thus speeding development exponentially. The problem is that you don’t know which of these images are secure. This eWEEK slide show offers a set of best practices for enterprise IT managers, based on the Center for Internet Security’s benchmark resources and additional industry information from Amrit Williams, CTO of cloud security provider CloudPassage.

Leave a Reply