On the Horizon: Ensuring Container Security in a Cloud Environment

by on Dec 11, 2017

The trend that rapidly gained momentum over the last couple of years: container tools. Accelerating from early stages, these tools are moving beyond testing phases, with companies now putting them into production. The vice president of technology strategy at IBM explains that containers are a “key element” that the company approaches with a forward-looking perspective.

But what are containers? And why have they become part of the foundation for technology and modern applications?

Containers package operating systems and code together as a standardized, light-weight unit in an enterprise or cloud environment. They are recognized as essential for companies in organizing computing infrastructure, providing speed and cost savings benefits, maintaining portability and identifying automation. Open-source platforms such as Google’s Kubernetes and Docker streamline container deployment and management.   

With the tremendous benefits attached to containers, companies—particularly those within the finance and banking industries—must remember a fundamental priority: information security. Security concerns, such as identity and access management breaches or malicious code execution, arise when utilizing container tools. Deploying highly secure private containers is vital, especially when bearing the responsibility of protecting customer data and transaction history.   

The main reason U.S. banks have avoided moving their core processing to the public cloud is the security risk. Capital One is the first American bank to adopt a cloud-first approach regarding software development and containerization.

The firm proceeded with caution through the release of its Critical Stack beta, a container orchestration platform with high security and compliance standards. The technology is designed to assist in the deployment and configuration of apps and infrastructure in the cloud. Critical Stack is currently the only platform compatible with Google’s Kubernetes. Capital One announced the beta release in a press release and on its Facebook and Twitter pages.

    

Capital One Critical Stack Facebook and Twitter Posts

For Capital One, the goal of acquiring Capital Stack was to take advantage of modern containerized infrastructure without having to put security and privacy at risk. From scalability to availability benefits, the container orchestration process can bring successful digital transformation to any company’s IT infrastructure, but many companies still remain hesitant. In response, Liam Randall, co-founder of Critical Stack, Inc., states, “We believe that Critical Stack will help other companies adopt containers at scale.” With initiatives such as Capital Stack in place, prehaps more financial and banking firms will adopt containerized infrastructure in the future.