Faster, Smarter, Safer: Your Organization in Containers

Looking for a modern-day example of the benefits of containers? In March 2020, SUSE, an open-source software enterprise, began providing free support and maintenance services for container technologies running in medical devices being used to battle the COVID-19 pandemic. 

 
The mutability speed of both the coronavirus and the healthcare science in use to combat it mandates application programming that can evolve at a moment’s notice; legacy technology simply doesn’t have that capability. This reality underscores (again) the value of containerization and the benefits that the legacy-to-containerization migration process offers.

Legacy Systems Are Losing Their Luster

After providing decades of foundational digital infrastructure for virtually every computing system on Earth, the vulnerabilities of yesterday’s legacy systems are finally proving to be insurmountable:

• In many cases, much of the system’s infrastructure is years, sometimes decades, old but remains in service due to a series of patches, reprogramming and technological bandaids. Even the IT department’s most skilled digital wizardry, however, can’t overcome the challenge of software that is simply too obsolete to provide further value.
• Old software is also often unsupported. Over time, as software vendors retool and reinvent their products, they also build in a ‘support services sunset date’ for their earlier program versions. After that sunset date, the company will no longer provide maintenance or upgrade services leaving legacy tech more vulnerable and dangerous.
• As software evolves, so does the security programming that keeps it safe. Many of the world’s digital systems regulators mandate that companies using their programming maintain the most updated security applications possible. Again, legacy programming isn’t often able to keep up with current compliance standards, leaving its users in peril of being both hacked and out of compliance.

Regardless of how well the systems worked in the past, there is simply too much digital disruption in the global markets today to continue to rely on it.

And investment trends reveal how application modernization into containerized systems is growing as the favored technology:

• The application migration to the containerization market is predicted to grow by almost 30 percent between now and 2026.
• Much of that growth is expected in the eCommerce and retail industries because the containerized system facilitates the swifter supply chain transactions that enable faster sales and deliveries.
• Electronic payments will also burgeon using containers to increase their system-wide scale. Visa, for example, refactored its two fundamental payment systems into containerized versions and was able to increase its capacity by 10 percent within six months.

Users report that modernizing their applications with containers facilitates a much faster pace for programming evolution so they can develop, test and deploy new applications as consumer, industry and regulator demands increase.

Securing Containers Ensures a Secure Organization

One concern about application modernization cited by many C-Suite residents is that the containerization of those functions may make them difficult to secure, given that containers are so fluid and adaptable by design. While their malleable ports and connecting points allow them to ‘plug and play’ into numerous systems, those also open vulnerabilities that hackers can exploit.

The container security concern is valid but shouldn’t act as a full stop to the container migration project. Just as they provide unmatched fluidity in function across platforms and systems, containers can also carry their own security programming and add that layer of protection into the container pipeline and the orchestrated system.

For example, developers can build a safe-to-deploy container by securing the individual elements that make up its contents and the systems in which it will work. Developers can build security functions into all the development/test/deploy phases, including them in the application program, the ‘build pipeline,’ the deployment environment, the management stack, the host and the overarching ‘attack surface of the container environment. By introducing security features as early as possible, that critical component becomes integrated into the entire development cycle.

There are also many tools available that contribute additional security features to a container. In a 2019 survey, 87 percent of more than 500 respondent IT professionals reported running container technologies and disclosed the security tools to maintain system security within those container orchestrations.

• 78 percent of the respondents run their production applications in containers;
• 24 percent run their systems on two of the three major public cloud platforms (Google, Azure, and AWS) while 12 percent run containers on all three;
• 20 percent spend more than a million dollars annually on technology and container security.

The majority of respondents (51 percent) reported ‘security’ as their biggest challenge:

• Data security was top of the list in three categories:
• 61 percent reported it as their top overall challenge;
• 56 percent reported concerns with security in storage capacities, and
• 51 percent cited deployment security as their biggest challenge.

However, they also compiled a significant list of the security practices they used to address their concerns:

• Data encryption was the most popular security tool, with 64 percent of respondents declaring it their most used tool.
• Runtime monitoring and anomaly blocking, scanning the CI/CD processes, and scanning registries were all tied at second best practice, with 49 percent of respondents giving the thumbs up to the activity.
• Secure secrets management, image signing, and hardening both the cluster and the host were also popular security tools in the containerized environment.

Also notable: one quarter (24 percent) of the survey respondents reported a dedicated security team or DevSecOps team as responsible for securing their containerized orchestrations.

The COVID-19 pandemic has obviously driven even faster the need for digital transformation, and it’s reassuring to note that tech wizards in the healthcare tech sector are ahead of that pace. Your organization is facing equally challenging competition in its own industry, and containers are going to provide you with equally valuable tools to maintain your market share.

Datavail’s modernization experts offer containerization consulting services to help you bring your legacy tech into the new, post-COVID era. Feel free to contact them, and also download our white paper, “How Companies Can Use Containers to Modernize Legacy Applications” to learn more.