Advertisement

Why We’re Playing Catch-Up on Kubernetes Data Backups

By on

Click to learn more about author Danny Allan.

The pace of change in enterprise IT has been rapid the past two decades, as technologies like AI, analytics, and IoT disrupt the way businesses run. And with the emergence of each new technology, organizations have to relearn the strategies they previously employed to protect data and applications using the old technologies. 

Sometimes they forget the lessons of the past. They get into a “move fast, break things” mode and forget about best practices. It happened with the shift from on-premises Microsoft Exchange to Office 365 in the cloud, and now it’s happening with containers

Containers on the Rise

As container use is exploding across the enterprise, it could pose a significant challenge for IT. A 2020 Cloud Native Computing Foundation (CNCF) survey found that 92% of responding companies run containers in production, and 83% of those deployments use Kubernetes. But while container use has been on the rise, data protection approaches have not kept pace. Employees are frequently deploying modern technology platforms, applications, and services without the explicit approval of the IT department. As a result, we’re playing catch-up with containers and data backup.

This is putting organizations at risk. In a DevOps world where Kubernetes orchestrates the actions, developers are given more freedom to perform self-service functions. More developers have access to the main systems, and this creates a greater risk of misconfiguring a database or deleting one. One false move could eliminate the digital service the team just built – or data could get stolen or lost. If you have a misconfigured bucket in the cloud, you can expose all kinds of marketing data. You need to be thinking about data protection and data backups from the very beginning because there’s more potential for things going wrong.

A DevOps and PlatformOps Collaboration

The DevOps culture’s emphasis on “shifting left” is putting too much responsibility on developers for backing up data. Developers put in one-line commands that perform the backup tasks they’re trying to achieve. The challenge is that a developer may not understand basic principles like the 3-2-1 policy approach to backup that enterprises have established over the past few decades, or why immutability is so important. All they know is that now they can perform back-ups as a self-service function much easier than they could before.

To resolve this, there still needs to be a shared responsibility between DevOps and PlatformOps teams, where PlatformOps teams are the ones responsible for compliance and protection tasks being met. DevOps need to understand it – and they should be enabled. But their responsibility should be in achieving creativity and creation rather than maintaining the compliance of the platforms. 

Increased Kubernetes Attacks on the Horizon

In many ways, the process of ensuring backups in Kubernetes environments is no different than in non-Kubernetes environments. The technologies are different, and the attack surface is smaller. But that attack surface is growing as more companies adopt containers and do their orchestration using Kubernetes.

The same thing happened in computer operating systems. Why did Windows have so many bugs and malware targeted on it for so long? It’s because it was the predominant operating system. But now we see an equal number on the Mac platform because it has caught up. Kubernetes hasn’t experienced a large number of vulnerabilities because the ROI for the attacker isn’t there – yet. 

But things are changing. Just a few weeks ago the updated version of Kali Linux – a two-decade-old Linux distribution specifically targeted for pen-testers – included a framework called Peirates for attacking a Kubernetes cluster. That tells you the attack surface is increasing. If they’re including attacking tools specifically for Kubernetes, it means we’re crossing an inflection point where Kubernetes is becoming important. If hackers attack it, they’re going to delete data or encrypt it for ransomware. And if they do, companies had better have a backup for it.

As we enable a DevOps mentality and more people have access to the data systems, we need to implement the proper controls to protect and recover data as quickly as possible.  

Leave a Reply