“Kubernetes” is a word that businesses are hearing more and more, but most outside the IT and security space probably don’t have a clear understanding of what it means. The word itself is Greek for “helmsman” or “pilot,” which actually provides a decent sense of what Kubernetes is about.
Essentially, Kubernetes is an open-source system used to automate software deployment — one that’s very good at managing and scaling containerized applications. It steers the ship, so to speak, for software developers operating at the scale today’s technology landscape demands.
That might sound technical, and it is. But as Kubernetes adoption increases, business leaders will need a more complete understanding of how it’s used within their organization. Those outside the development team may not even be aware that Kubernetes is used at all, which poses a significant problem. As it becomes more popular, cybercriminals are turning their attention to Kubernetes — and organizations without a thorough understanding of Kubernetes risk leaving a significant portion of their environment unprotected.
Why Kubernetes is on the rise
Kubernetes has become the de facto standard for automating scaling, deployment and management of containerized applications. There are a number of factors driving its adoption, but it mostly boils down to enabling developers. The simplest explanation of how Kubernetes operates is that rather than deploying code directly onto a server, developers can bundle up code in a container, which can then be deployed just about anywhere.
Kubernetes is like a head chef, making sure everyone in the kitchen is in the right place, doing what they’re supposed to be doing. This abstracts typical developer concerns, such as disk space or how many copies of an application they might need. Instead, all they need to think about is whether their Kubernetes cluster has enough resources to operate.
In the past, developers would typically build a monolithic application with a massive code base and deploy it directly to enormous servers. This worked for a while, but as the business grew, the demands on that server would increase, and ultimately it’s only possible to throw so much CPU and memory at a problem.
Servers have limits, after all. This makes it easy to see why Kubernetes has become popular: It allows businesses to scale horizontally. Rather than scaling vertically (by buying increasingly powerful servers), they can simply add more instances of an application as needed. This creates a different paradigm for scaling the business — one that is incredibly valuable, particularly for startups.
It’s also worth noting that Kubernetes introduces a layer of abstraction between developers writing code and that code being deployed and running. It means developers can focus on writing code and Kubernetes can take care of scaling it and managing upkeep. In the past, this would have required a dedicated team of employees watching those applications, monitoring for outages, and adding more memory, servers, or CPU when necessary. Kubernetes eases that pain, which is just another reason it has become extremely popular.
Building Kubernetes awareness
While Kubernetes is great for developers, there are also challenges — particularly where security is concerned. Since Kubernetes is still (relatively) new, it can be difficult to find security professionals with Kubernetes expertise.
These experts are in understandably high demand at the moment, which means it can be a challenge for small companies and startups to bring them in. That said, as Kubernetes becomes more widespread, that knowledge base will grow — and there are partners and services businesses can turn to if they can’t attract the necessary expertise themselves.
It’s important for organizations to think of Kubernetes as an extension of their existing infrastructure. It requires the same levels of control, monitoring and response that a traditional development environment would have. Like all cybersecurity, protecting Kubernetes is more of a journey than a destination, but it’s important to start implementing controls as early as possible.
Organizations should take stock of where they are from a security perspective versus where they’d like to be, then start thinking about necessary steps to get there. This can be intimidating — some businesses spend years building their security infrastructure, and this can feel like starting from scratch — but it doesn’t have to be.
Taking the first steps toward Kubernetes security
First — and perhaps most importantly — one of the biggest mistakes organizations make when it comes to Kubernetes security is assuming they can simply buy a product that will take care of the problem for them. This is almost never the case when it comes to security. All security tools require a mature understanding of how they will be deployed, how they will be used and maintained, and what expected outcomes they will produce. Nice as it would be, there isn’t a single product that simply “solves security” for all Kubernetes environments.
Instead, the best first step is to engage with the engineers and DevOps teams actually using Kubernetes. No one is better positioned to explain not just their goals, but the potential risks associated with them. Bringing the development and security teams together to discuss where existing vulnerabilities may lie — and how they can be accounted for without compromising productivity — is critical. These insights can help identify which solutions are needed, leading to better purchasing decisions and more effective controls. When done correctly, security can be built into the Kubernetes environment from the start.
A daunting but necessary task
Securing Kubernetes can be a daunting task, but it’s one today’s organizations will need to engage with sooner rather than later. As a growing number of developers turn to Kubernetes to enable more straightforward, scalable software development, protecting Kubernetes environments will only become more critical.
Business leaders can get a jump start by having conversations with developers and engineers, educating themselves on the basic principles behind Kubernetes, and working to gain a more complete picture of the potential risks and challenges involved. Simply put, it’s 2023 — Kubernetes is only going to become more ubiquitous, and it’s important to know that your environments are safe.
Dan Whalen is a senior manager of R&D at Expel.