This post originally appeared in the Technology Association of Oregon’s blog.
Cloud-native computing is not on the way. It’s already here. We now live in a cloud-native world. The cloud has evolved from being a complement to IT infrastructures into their core, and new technologies like Docker and serverless have made it easier than ever to deploy in the cloud.
The cloud-native revolution offers many promising innovations and opportunities for businesses. But it also poses new challenges, especially in the realm of security. In order to ensure that the cloud-native phenomenon helps your business rather than hurts it, you need to start preparing today for the realities of a cloud-native world.
What Is Cloud Native?
Cloud computing is not new. In fact, at this point, talking about “the cloud” can seem boring. On its own, the cloud lost its buzzworthy status circa 2010.
What is novel today, however, is the phenomenon of cloud-native computing. Cloud-native means something different than just the conventional cloud.
On its own, the cloud is merely a type of architecture that involves running workloads and hosting data on remote servers, and it is no longer a very big or exciting deal for most companies. They have been using the cloud for years now.
In contrast, cloud-native computing is defined by next-generation, cloud-based technologies that allow businesses to double down on the value they leverage from the cloud.
Containers are one example of such technologies. Although containers don’t have to be deployed in the cloud (you could run Docker on-premises), they are a perfect fit for cloud environments because they allow applications to be deployed as quickly and seamlessly as you can stand up virtual servers or set up ultra-scalable storage buckets in the cloud. In this way, containers add further value to the cloud by simplifying application deployment.
Serverless functions are another example of next-generation, cloud-native technologies. Serverless workloads can also be deployed and scaled with great ease, increasing the value of cloud environments.
According to a recent Capgemini report, 15 percent of new enterprise applications are cloud native, a statistic that is expected to hit 34 percent by 2020. It’s highly evident that the growth of cloud native will only expand upwards as organizations are developing the need to deploy innovations at an accelerated pace, as well as enhancing their applications for the end-user.
While cloud-native computing presents rich opportunities for achieving new IT efficiencies, it also gives rise to distinct challenges that did not exist in traditional cloud environments. They include:
- Complexity. Simply put, cloud-native environments have more moving parts. Whereas the typical business might have had only a dozen virtual machines to manage in the past, it now has to keep tabs on hundreds of containers, which might be spread across multiple host environments.
- Dynamism. Cloud-native environments change very quickly. Containers can spin up and down in seconds. Or you might run hundreds of serverless functions one second, then scale back down to a handful minutes later, as demand fluctuates. The ability to support this level of dynamism is a major advantage, but it also makes it more imperative than ever to detect performance and security issues in real time.
- No perimeters. In the past, most application environments had clearly defined perimeters, which you could secure using firewalls. In cloud-native environments, this ceases to be the case. You have multiple layers of software-defined networks to manage. You have endpoints that change constantly. You have applications running in one environment and storage resources in another. The lack of clear perimeters means traditional security strategies don’t work.
- Future-proofing. Perhaps the greatest challenge of the cloud-native age is that it’s hard to know what is coming next technology-wise. Just a few years ago, few people predicted how important Docker would become to production workloads, and almost no one was talking about serverless. Developing an effective IT strategy in the cloud-native era requires not just accommodating the innovative technologies that exist today, but also preparing for whatever might come next. And, of course, you need to do all of this while retaining compatibility with legacy infrastructure.
Meeting the Cloud-Native Challenge
What’s a business to do in the face of cloud-native complexities? Clearly, doing nothing is not the solution—not if you want to take advantage of the opportunities that cloud-native computing presents.
In order to protect your business from the new IT management threats that arise from cloud-native environments, your IT team should embrace the following strategies:
- Multi-layered monitoring. When it comes to both application performance monitoring and security monitoring, keeping tabs on just one layer of the environment is not enough. You need to watch everything—from network configurations to the code inside container images to the behavior of applications in runtime.
- DevSecOps. Keeping pace with the dynamic, highly scalable nature of cloud-native environments requires an IT organization that is as agile as the infrastructure it manages. That’s why embracing the DevSecOps concept is paramount. DevSecOps means maximizing collaboration between developers, security engineers and IT Ops engineers so that they work in parallel and coordinate responses to performance and security issues.
- Automate, automate, automate. You probably already know why automation is valuable in a cloud native world. It saves your IT staff time. But in the cloud-native age, automation is not just a nice-to-have feature. It’s essential for staying on top of highly changing environments and configurations. You can’t rely on humans to find configuration errors that could disrupt a service or create a security vulnerability. You need tools to automate the process for you.
- Keep your eyes on the horizon. An effective cloud-native IT strategy not only meets the technological and business needs of your organization today—It is also flexible enough to support new technologies and workloads in the future. Although you don’t know exactly what the future will demand, your strategies should be designed with the future in mind.
Opportunities and challenges tend to come in tandem, and this is certainly true of cloud-native computing. Taking advantage of the benefits of cloud-native environments requires addressing the special challenges that cloud-native computing presents.
- Cloud Native
Follow us on Twitter
Follow us on Twitter for real time updates on the cloud native ecosystem, Twistlock product, and cloud native security threats.
How to Lock Down the Kernel to Secure the Container HostRead the Blog
One Chapter Ends, Another BeginsRead the Blog
The Greatest Security Risks Lurking in Your CI/CD PipelineRead the Blog
Cloud Platform Radar: Powerful Cloud Asset IdentificationRead the Blog
Securing Serverless Functions: Visibility with Serverless RadarRead the Blog