If I said the word ‘containers’ in relation to the Middle East you would be forgiven for thinking of cargo ships and harbours. But increasingly for many, the first thing that may spring to mind are software containers and as these increasingly enter production systems and deployments so container security becomes a priority for IT security teams.
In fact, according to our 2020 Middle East Encryption Trends Study, the adoption of encryption in the Middle East has risen sharply over the past two years, and the fastest growing use case is Docker containers at 44% (up 15% from last year). Interestingly, the research also reveals that two thirds of respondents state that protecting consumer personal information is the top driver for deploying encryption in the region (13% higher than the global average).
There’s a third statistic in the report that stands out to me, namely that six out of ten of those interviewed see employee mistakes and temporary or contract workers as the most significant threats to the exposure of sensitive or confidential data.
These three drivers converge at an interesting point in which the transient nature of containers needs to be shored up against data loss, particularly customer information. Because containers have short life spans, monitoring them can be extremely difficult. Another security risk arises from a lack of visibility into an ever-changing container environment and that – unlike virtual machines (VMs) – containers aren’t necessarily isolated from one another, so a single compromised container can lead to other containers being compromised.
While there are best practices around implementing security tools and policies into the container creation and management as part of a well-defined DevOps framework, once a container is stopped and removed, it can be difficult to reconcile what security was in place. As such, if containers are created and deployed and there is an element of user error – for whatever reason – the data handled by that container (and potentially others) could be at risk.
Putting all these pieces together, encryption is the natural defence, helping to ensure that the data within the container has been protected at all stages. It’s encouraging to see that organisations across the Middle East are keen to adopt trends like containerisation, but equally recognise the inherent responsibility of protecting customer data from malicious and unintended vectors, and realise the benefits that encryption can offer to mitigate these risks.
Find out how leading organisations are applying encryption strategies, with detailed insights into the use cases that are growing the fastest. Download the 2020 Middle East Encryption Trends Study