Kubernetes Data Protection – Addressing Ransomware Threats and Maintaining DevOps Agility

By , Wednesday, April 6th 2022

Categories: Analyst Blogs

Kubernetes is here, and it is here to stay. According to Evaluator Group primary research, not only are most enterprises already using or planning to use Kubernetes, they are using Kubernetes for production workloads. We typically associate container environments and Kubernetes with cloud-native applications, and supporting these in production remains a leading use case. We are also seeing customers refactored VMware workloads for container infrastructures. No longer an infrastructure just for test/dev use cases, Kubernetes is now being used to support a range of business-critical workloads.

Unfortunately, because Kubernetes adoption is developer-driven, happening outside of the control of central IT, many organizations are delaying and neglecting protection of Kubernetes applications and their persistent data. Adoption is proceeding faster than enterprise-level protection, creating protection gaps that lead to the risk for data loss and downtime of business services. Proper management and protection is required as Kubernetes implementations support critical workloads, and as they operate at larger scale.

Why do Kubernetes workloads need to be protected? Evaluator Group consistently hears from customers that getting applications and business services back up and running as quickly as possible following an outage is a key concern, especially with how rampant ransomware has become. Like any platform, Kubernetes has vulnerabilities. For example, recently a vulnerability was found in CRI-O, a container runtime engine for Kubernetes, that allowed for root access to the host. Adding to its security risk posture, Kubernetes is an open-source platform, which means it carries the risk for code bugs and misconfigurations that require updates and patches to be addressed. It is difficult for IT to keep up these vulnerabilities because Kubernetes is on a quarterly update cadence.

The influence of DevOps on Kubernetes adoption and usage increases the need for automated data protection functionality. This includes not only applying protection policies that are set by IT, but also for recovery and failback operations. For example, disaster recovery plans can provide workflows to identify backups to recover from and to reconfigure metadata and namespace mappings. Developers need to operate as quickly as possible, making self-service recovery that is controlled with an intuitive user interface with strong access control capabilities such as role-based access control (RBAC) and multi-factor authentication (MFA) also important.

Kubernetes workloads require special efforts when it comes to data protection. They are architected differently and as a result introduce new requirements compared to virtual and physical machines. Additionally, in many cases there has not been enough coordination during the application delivery to ensure that protection meets enterprise requirements. Finding a data protection solution that meets these requirements while at the same time addresses DevOps teams’ need for agility is important.

Forgot your password? Reset it here.