Building Apps in Kubernetes? Think Security Everywhere

Cloud-native development practices are rapidly gaining momentum, especially in Kubernetes, as organizations continue to shift away from legacy technologies to take advantage of the reliability, scalability and portability that a cloud-native stack provides. According to the Cloud Native Computing Foundation (CNCF), there are more than 6.5 million cloud-native developers and 5.6 million of them (86%) use Kubernetes. 

However, developing and deploying applications in Kubernetes environments presents unique risks and challenges, not the least of which is security. Kubernetes clusters cannot be secured by using traditional methods such as perimeter security. Built as a collection of dynamically provisioned microservices, cloud-native applications leverage open source modules deployed in distributed environments, and traditional tools that rely on static IP address-based enforcement rules and waterfall development models simply aren’t sufficient. 

This is a big problem because cybercrime continues to wreak havoc on organizations in every industry and sector. IDC reported that 37% of global organizations were victims of some form of ransomware in 2021; it’s incredible to consider that a ransomware attack happens somewhere every 11 seconds, costing organizations $10.5 trillion annually by 2025. A relevant example is the vulnerability in the open source logging system Log4j which enabled hackers to load random Java code and take over servers. 

As more and more applications are developed in Kubernetes, more attacks like this are inevitable. Without proper security measures in place, organizations will be sitting ducks. They must adopt a ‘security everywhere’ mindset and build in controls and protections throughout the application development life cycle, end-to-end. 

Lean on Automation

Organizations need to ensure applications are protected at every phase in the development life cycle, from pre-production to production. A common example of a Kubernetes vulnerability is when bad actors gain access to the underlying operating system, either because of privilege escalation or misconfiguration. Additionally, cloud-native applications may be using open source modules coming from other sources. It is critical to build on the right foundations with a container-optimized operating system that reduces the attack surface. Additionally, scan your container images and infrastructure for vulnerabilities and apply the appropriate patches and upgrades as a part of your CI/CD pipeline. 

Another critical step to ensuring security during pre-production is policy automation. Setting up data protection policy guardrails can help enable critical backup processes. For example, a policy might define the backup frequency and related data protection considerations such as retention periods. These application-specific backup processes should be applied automatically with runtime admission control checks, which enforce that production pods are not instantiated without the necessary data protection policy in place. Examples of such policy-driven automation enable teams to scale their data protection processes and ensure that they can recover quickly from accidental or malicious attacks. 

Automation is also extremely helpful in the throes of a ransomware attack when teams must move quickly to mitigate damage. Every second counts—not only are teams scrambling to protect data and applications, but business continuity is also top of mind. Automation ensures policies are in place so that applications are backed up regularly and recovery is stress-free with automated recovery blueprints. Ideally, you have a system in place to test your backup and recovery policies at regular intervals ahead of time, so you can have confidence that your processes work when you need them the most. Automation also eliminates human error, which is common when teams are under stress during an attack. 

Trust Your Last Line of Defense

Just as a goalie is the last line of defense for stopping the puck before the opponent scores a goal, your backup and disaster recovery strategy is your last line of defense to stop a bad actor from making an attack inflict permanent damage. Think of it as an insurance policy, providing data integrity and recoverability, should the unthinkable happen. Cybercriminals are continually finding new ways to infiltrate systems and infrastructure, and, eventually, they’ll find a vulnerability to exploit. 

An uptick in attacks on storage units is compounding the security risk for cloud-native environments in recent months. Not only are cybercriminals attacking the clusters, but they’re also targeting backups, as well. Consequently, even when effective policies are in place to secure cloud-native applications, it’s critical to be able to keep your backup copies safe, get early warning indicators of ongoing attacks and recover quickly to minimize the damage. 

To that end, backup immutability is essential. Immutable storage backups enable you to specify the retention period for the backup and ensure content cannot be altered in any way. In addition to protecting your applications from ransomware attacks, immutability protects them from human error. It’s also critical to have the freedom of choice to execute recovery in a completely different environment—whether it’s a hybrid scenario or a different storage class—and not be tied to a particular underlying storage infrastructure. 

Development to Deployment: Security is Everyone’s Responsibility

When it’s all said and done, Kubernetes applications and data are only as secure as the organization that develops and deploys them—and within the organization, security is everyone’s responsibility. Cybercriminals will continue to find ways to circumvent security measures, so it’s important to implement protections at all stages of cloud-native development. 

Developers that work to build a strong security foundation from the beginning will be far less likely to jeopardize production applications, particularly if they have effective backup and disaster recovery policies for protecting mission-critical data at runtime. A proactive stance that takes into consideration the potential for a security breach at any point along the cloud-native development supply chain will go a long way toward helping teams avoid the seemingly inevitable—and potentially devastating—consequences of an attack.

Join us for KubeCon + CloudNativeCon Europe 2022 in Valencia, Spain (and virtual) from May 16-20—the first in-person European event in three years!

Guarav Rishi

Gaurav Rishi is at the forefront of several Kubernetes ecosystem partnerships and has been a frequent speaker and author on cloud native innovations. He previously led Strategy and Product Management for Cisco's Cloud Media Processing business. In addition to launching multiple products and growing them to >$100M in revenues, he was also instrumental in several M&A transactions. Gaurav is a computer science graduate and has an MBA from the Wharton School.

Guarav Rishi has 1 posts and counting. See all posts by Guarav Rishi