Skip to main content

Customer information and the case of the missing containers

Dec

06

2020

Time to read

Read so far

Written by: 

Jim DeLorenzo

Time to read

Written by: 

encryption-study-blog_1000x420

If I said the word ‘containers’ in relation to the Middle East you would be forgiven for thinking of cargo ships and harbours. But increasingly for many, the first thing that may spring to mind are software containers and as these increasingly enter production systems and deployments so container security becomes a priority for IT security teams.

In fact, according to our 2020 Middle East Encryption Trends Study, the adoption of encryption in the Middle East has risen sharply over the past two years, and the fastest growing use case is Docker containers at 44% (up 15% from last year). Interestingly, the research also reveals that two thirds of respondents state that protecting consumer personal information is the top driver for deploying encryption in the region (13% higher than the global average).

There’s a third statistic in the report that stands out to me, namely that six out of ten of those interviewed see employee mistakes and temporary or contract workers as the most significant threats to the exposure of sensitive or confidential data.

These three drivers converge at an interesting point in which the transient nature of containers needs to be shored up against data loss, particularly customer information. Because containers have short life spans, monitoring them can be extremely difficult. Another security risk arises from a lack of visibility into an ever-changing container environment and that - unlike virtual machines (VMs) - containers aren’t necessarily isolated from one another, so a single compromised container can lead to other containers being compromised.

While there are best practices around implementing security tools and policies into the container creation and management as part of a well-defined DevOps framework, once a container is stopped and removed, it can be difficult to reconcile what security was in place. As such, if containers are created and deployed and there is an element of user error - for whatever reason – the data handled by that container (and potentially others) could be at risk.

Putting all these pieces together, encryption is the natural defence, helping to ensure that the data within the container has been protected at all stages. It’s encouraging to see that organisations across the Middle East are keen to adopt trends like containerisation, but equally recognise the inherent responsibility of protecting customer data from malicious and unintended vectors, and realise the benefits that encryption can offer to mitigate these risks.

Find out how leading organisations are applying encryption strategies, with detailed insights into the use cases that are growing the fastest. Download the 2020 Middle East Encryption Trends Study

JimDeLorenzo
Jim DeLorenzo
Solutions Marketing Manager, Data Protection Solutions
Jim DeLorenzo is a senior solutions marketing manager for Entrust, where he helps customers understand how Entrust Data Protection Solutions can help address enterprises’ unique security and compliance challenges. Jim does this through customer presentations, blogs, articles, whitepapers and other content. Jim has more than 10 years of experience with both startups and established enterprises in the security space, focusing on data protection, endpoint security and penetration testing solutions. He holds a master’s degree in marketing and an undergraduate degree in finance.
View all of Jim's Posts