Search
Close this search box.

Kubernetes Data Protection – Addressing Ransomware Threats and Maintaining DevOps Agility

Kubernetes is here, and it is here to stay. According to Evaluator Group primary research, not only are most enterprises already using or planning to use Kubernetes, they are using Kubernetes for production workloads. We typically associate container environments and Kubernetes with cloud-native applications, and supporting these in production remains a leading use case. We are also seeing customers refactored VMware workloads for container infrastructures. No longer an infrastructure just for test/dev use cases, Kubernetes is now being used to support a range of business-critical workloads.

Unfortunately, because Kubernetes adoption is developer-driven, happening outside of the control of central IT, many organizations are delaying and neglecting protection of Kubernetes applications and their persistent data. Adoption is proceeding faster than enterprise-level protection, creating protection gaps that lead to the risk for data loss and downtime of business services. Proper management and protection is required as Kubernetes implementations support critical workloads, and as they operate at larger scale.

Why do Kubernetes workloads need to be protected? Evaluator Group consistently hears from customers that getting applications and business services back up and running as quickly as possible following an outage is a key concern, especially with how rampant ransomware has become. Like any platform, Kubernetes has vulnerabilities. For example, recently a vulnerability was found in CRI-O, a container runtime engine for Kubernetes, that allowed for root access to the host. Adding to its security risk posture, Kubernetes is an open-source platform, which means it carries the risk for code bugs and misconfigurations that require updates and patches to be addressed. It is difficult for IT to keep up these vulnerabilities because Kubernetes is on a quarterly update cadence.

The influence of DevOps on Kubernetes adoption and usage increases the need for automated data protection functionality. This includes not only applying protection policies that are set by IT, but also for recovery and failback operations. For example, disaster recovery plans can provide workflows to identify backups to recover from and to reconfigure metadata and namespace mappings. Developers need to operate as quickly as possible, making self-service recovery that is controlled with an intuitive user interface with strong access control capabilities such as role-based access control (RBAC) and multi-factor authentication (MFA) also important.

Kubernetes workloads require special efforts when it comes to data protection. They are architected differently and as a result introduce new requirements compared to virtual and physical machines. Additionally, in many cases there has not been enough coordination during the application delivery to ensure that protection meets enterprise requirements. Finding a data protection solution that meets these requirements while at the same time addresses DevOps teams’ need for agility is important.

Author Information

With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.

Prior to joining The Futurum Group, Krista led the data protection practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.

SHARE:

Latest Insights:

Tackling Mainframe Skills: Upskilling, Reskilling, and External Expertise Solutions for Modernization
Steven Dickens, Chief Technology Advisor at The Futurum Group, shares insights on how Mainframe modernization is accelerating with AI and hybrid IT, but skills gaps remain, with the majority of organizations relying on external providers.
Dion Hinchcliffe, VP of CIO Practice at The Futurum Group, shares insights into NVIDIA’s Q2 2024 earnings, challenges with its Blackwell chip, rising cloud costs, and the evolving AI skills gap.
NVIDIA, VMware, Salesforce, Dell, Pure Storage, and HP Inc. spotlight AI growth and cloud innovation. In episode 230 of the Six Five webcast, Patrick Moorhead, Daniel Newman, and guest Dan Ives discuss their innovations and market challenges.
Max Peterson, Vice President of Sovereign Cloud at AWS, joins Daniel Newman to share his insights on the burgeoning field of digital sovereignty, underlining its significance for businesses and governments alike.