Popular container platforms like Docker and Kubernetes are widely used in cloud computing. Containers offer customers many advantages in portability, application isolation, and separation of team responsibilities. Using containers contributes to agile development and more efficient operations.
While the benefits of containers are substantial, containers can be difficult to keep secure. Their advantages, such as faster development to meet evolving market demands, have to be balanced with viable security measures.
The following are a few of the challenges associated with securing containers in cloud environments, along with some best practices to help minimize the potential risks.
Insecure or poisoned images
Images are the building blocks used to construct containers. These images can be built by in-house developers or downloaded from a third party. Even when your developers build their own images, they usually rely on a third-party base image as their foundation. This opens the door to using potentially tainted or malicious images.
Precautions can be taken to minimize the possibility that the images used to build a container are corrupted or insecure. A security operations (SecOps) team needs to institute policies that include:
- Identifying trusted sources for images and libraries;
- Performing checks to ensure only authentic images from valid sources are being used in the development pipeline.
Containers running with excessive privileges
Excessive privileges present a security problem throughout the information technology (IT) world. Containers are no different in this respect and provide multiple attack surfaces for hackers. Gaining control of a highly privileged container enables malicious actors to wreak havoc on a computing environment.
To avoid this issue, don’t run containers with the privileged flag, which essentially gives the container access to the root capabilities of the host. A compromised privileged container can do just about anything. A better strategy is to use more fine-grained privileges and capabilities that do not pose the same danger if misused. The time spent tuning privileges will be handsomely repaid by less powerful containers that don’t put your environment at risk.
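One way to check running containers against the advice above is to audit the JSON that `docker inspect` prints. The following is an added example, not code from the original article; the list of capabilities treated as dangerous, the finding labels, and the sample containers are assumptions made for illustration.

```python
import json

# Assumption: a conservative, non-exhaustive set of capabilities worth flagging.
DANGEROUS_CAPS = {"ALL", "SYS_ADMIN", "SYS_MODULE", "SYS_PTRACE",
                  "NET_ADMIN", "DAC_READ_SEARCH"}

def norm(cap):
    """Docker accepts both SYS_ADMIN and CAP_SYS_ADMIN; compare on the short form."""
    cap = cap.upper()
    return cap[4:] if cap.startswith("CAP_") else cap

def audit_container(c):
    """Return privilege findings for one object from `docker inspect` output."""
    host = c.get("HostConfig") or {}
    findings = []
    if host.get("Privileged"):
        findings.append("privileged")
    added = {norm(x) for x in host.get("CapAdd") or []}
    findings += [f"cap-add:{cap}" for cap in sorted(added & DANGEROUS_CAPS)]
    if "ALL" not in {norm(x) for x in host.get("CapDrop") or []}:
        findings.append("caps-not-dropped")  # the default capability set is still granted
    user = (c.get("Config") or {}).get("User") or ""
    if user.split(":")[0] in ("", "0", "root"):  # an empty User means uid 0
        findings.append("runs-as-root")
    opts = host.get("SecurityOpt") or []
    if not any(o.startswith("no-new-privileges") and not o.endswith("false") for o in opts):
        findings.append("no-new-privileges-unset")
    return findings

def audit(inspect_json):
    """Map container name -> findings for a JSON array as printed by `docker inspect`."""
    return {c.get("Name", "?").lstrip("/"): audit_container(c) for c in json.loads(inspect_json)}

# Constructed sample input (not captured from a real host).
SAMPLE = json.dumps([
    {"Name": "/legacy-agent", "Config": {"User": ""},
     "HostConfig": {"Privileged": True, "CapAdd": None, "CapDrop": None, "SecurityOpt": None}},
    {"Name": "/debug-sidecar", "Config": {"User": "0:0"},
     "HostConfig": {"Privileged": False, "CapAdd": ["CAP_SYS_ADMIN", "NET_RAW"],
                    "CapDrop": ["ALL"], "SecurityOpt": []}},
    {"Name": "/web", "Config": {"User": "10001:10001"},
     "HostConfig": {"Privileged": False, "CapAdd": ["NET_BIND_SERVICE"],
                    "CapDrop": ["ALL"], "SecurityOpt": ["no-new-privileges:true"]}},
])

if __name__ == "__main__":
    for name, found in audit(SAMPLE).items():
        print(name, "OK" if not found else ", ".join(found))
```

The third sample container shows the fine-grained pattern: every capability dropped, only the one it needs added back, and a non-root user.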
Hardening the container environment
Hardening the host, images, and container daemon all contribute to reducing runtime risks. This includes measures such as reducing the attack surface by removing noncritical native functionality from the host. Permissions for critical system directories need to be carefully reviewed so only necessary privileges are granted to processes inside containers.
Benchmarks containing hardening guidelines for Docker environments have been published by the Center for Internet Security. These standards offer an excellent baseline for improving the security of an enterprise’s container environment.
The benefits afforded by containers are too valuable to be ignored. Using them effectively and safely requires a dedicated security mindset that takes the complete environment into account. Vigilant security will minimize the risks inherent in containers and enable organizations to take advantage of their flexibility and portability.