Interview with Mike Puglia, Chief Product Officer at Kaseya
How can containers bring benefits to cloud security?
MP: Containers enable organizations to isolate specific application workloads. From a security perspective, they reduce the attack surface and enable “single function” workloads – provided they are implemented properly. Containers have matured considerably in the past two years and developers and operations both need to ensure they are taking advantage of the latest security configuration options.
What security risks do containers contain?
MP: When we look at security risks we tend to immediately dive into technical details. While there are certainly technical considerations when deploying containers—such as using only validated images, protecting access to the underlying kernel and security cross container communication—the biggest security risk is the “unfamiliarity” of the technology due to its being rather new. Do your developer and ops teams have experience in configuring, deploying and running containers? Do your existing security tools extend to give you an accurate view of your containers? As with any new technology the answer is generally no. It is no different than the early days of virtual machines. Containers have the same potential as VMs, and we are seeing the technology and surrounding security community mature at a faster pace than any other infrastructure technology has.
How can enterprises with legacy systems benefit from containers?
MP: Just as we saw enterprises move from physical servers to virtual machines, enterprises can continue this productivity curve by adopting containers. It is another level of abstraction for greater consolidation within your existing infrastructure that makes application delivery more robust and scalable. Containers can be clustered to scale horizontally. And the speed at which they can be created and destroyed eases the process of “dialing up or down resources.”
Perhaps the biggest benefit is that you can build them once and use them anywhere. Legacy systems can become an anchor, holding companies back because their older apps can’t be moved. Because containers embed everything the application needs to run, they provide organizations with immense flexibility to move workloads to any underlying infrastructure as their needs and strategy changes.
Private, public or hybrid cloud; which path should a developer take when developing containers?
MP: There really isn’t a one-size-fits all approach. The benefit of containers is that they are portable. So organizations can choose an approach that works for them today, yet still have the freedom to change their underlying infrastructure without having to rewrite or rework the application.
Where do you see container technology moving over the next few years?
MP: Containers have the potential to be bigger than virtual machines. The next few years will bring maturity into the surrounding ecosystem—security, monitoring, audit—specifically aimed at containers and embedding container technology within popular platforms. And we are already seeing this with Windows 2016 Server and Linux distributions.
How does Kaseya use containers in their offerings?
MP: Kaseya utilizes containers to quickly scale back-end processing across both public and private clouds based on customer demand. This approach has been more portable than being dependent on specific VMs and allows us to segment functionality into micro-services to speed development and improve quality.