Containers and Cloud Security

It seems like the more accessible cloud computing becomes, the more susceptible it grows to new threats. According to a recent Cloud Security Survey, security and data privacy in the cloud is a top worry for 70 percent of IT professionals, up 7 percent from 2015.

The shared nature of cloud computing exposes it to a host of data breaches and other attacks, which seem to grow more brazen with every strike. But improvements in cloud technology and security are occurring more rapidly, too.

Cloud’s Evolution

One of the biggest trends in cloud evolution is containers — a streamlined, secure, and easy-to-deploy alternative to virtual machines. With the ability to run multiple isolated systems on a single host, containers are primed to replace or enhance the old-fashioned OS-level virtualization systems. Containers help increase security by creating a boundary at the application level rather than at the server level. So if something goes wrong, only that individual container is affected and not the entire server. They’re also portable, extremely affordable, and already in use at several large companies including Microsoft, Google, and Facebook.

Containerization and Management

Cloud containers are so effective that many companies are running into the problem of having too many. To help manage this multitude of containers in play, container management systems are on the rise. One of the better-known systems is Docker. This open source platform wraps each piece of software in a cocoon of codes and files, so it contains everything needed to function in any environment it enters.

Containers and containerization platforms like Docker are fundamental to the cloud’s evolution, but the issue of its security remains. Intel may have found an answer with Clear Containers, which blend the isolation properties of virtual-machine technology with the deployment benefits of containers. Couple that
with recent upgrades to Intel’s Trusted Execution Technology (TXT) and Trusted Platform Module (TPM) technology, and the cloud looks to be traveling down the right path of security, functionality, and accessibility.

 

The “Treacherous 12”

38346226 - security lock on black computer keyboard - computer security concept

Newer threats will always be on the horizon. At this year’s RSA Conference, the Cloud Security Alliance discussed the top threats facing the cloud. We’ve highlighted the meanest of the “Treacherous 12” list below, along with the CSA’s recommendations for prevention:

Data Breaches

With so much personal information stored on shared cloud servers, the CSA recommends using multi-factor authentication and encryption to prevent breaches.

Account Hijacking

Prohibit the sharing of account credentials, and enable multi-factor authentication. Accounts should constantly be monitored, with every transaction traceable back to its human source.

Malicious Insiders

These can be former employees, disgruntled contractors, etc. The CSA recommends keeping control of the entire encryption process as well as the keys, and to segregate duties to minimize access to users. Effective logging, monitoring, and auditing are also critical.

Advanced Persistent Threats

Advanced persistent threats, or APTs, infiltrate systems and steal data over long periods of time. Training is recommended to recognize phishing techniques, and advanced security controls and response plans should be put in place.

Denial of Service Attacks

The best way to prevent a denial-of-service (or DoS) attack is to have a plan in place before it occurs. While major attacks are common, organizations should be aware of smaller, directed attacks, which target web servers and database vulnerabilities.

To find out more about how Intel technology is changing the future of cloud computing, visit Intel Cloud for All.