What is furry, affectionate, and purrs? A tribble! Tribbles were the tragic stars in an old Star Trek episode, “The Trouble with Tribbles.” Tribbles made awesome pets. However, things went bad when people discovered how quickly tribbles reproduce. If you look around, you might find something like tribbles in your network.
Containers can make life easier. Your DevOps guys take an application, bundle it up, and deploy it in a container like Docker or Kubernetes (k8s). The benefit is that you don’t have to worry about deploying any extra infrastructure. It’s almost like fire and forgets — and that’s the problem. If rolling out new applications is so easy, why not roll out tons of them?
Security is always a tradeoff between safety and convenience. Containers make application deployment convenient. Unfortunately, there is nothing inherently secure about easy deployment. In fact, the opposite is true. Easy deployment encourages fast and prolific deployment; fast and prolific deployment increases the likelihood of security problems. All of those deployed applications still need regular maintenance and patching. Since they are all in containers, there will be a natural disconnect from the normal IT security operations. Any of those contained applications could be just as much a security threat as a standalone server.
(Did you know… The Tribbles from Star Trek were remarkably similar to the flat cats from “The Rolling Stones” written by Robert A. Heinlein.)