KubeCon 2022: Data Security and Protection Insights

By Krista Macomber, Wednesday, November 2nd 2022


Adoption of Kubernetes is tipping to the mainstream, with more than half of enterprises currently using Kubernetes in production according to recent Evaluator Group research. As these environments become stateful and run critical business services, IT and platform operations teams play a mission-critical role in supporting the developer experience by facilitating data and infrastructure-related services. This was a major theme at KubeCon 2022 across the keynote and breakout sessions and conversations that Evaluator Group participated in.

Kubernetes Adoption Challenges

The problem is that most IT organizations today face gaps in both staffing and Kubernetes-related skills, and this is no different when it comes to data security and protection. Although some pockets of customers are ahead of the curve in their adoption and ability to utilize capabilities such as the underlying resiliency of containerized architectures, it was clear at the show that this is not the case for most IT shops.

Consequently, it is not surprising that insufficient IT staff is the third-most common problem with customers’ current data protection solutions, and nearly one in four are struggling with lack of support for new environments like Kubernetes as a top data protection-related pain point – according to a forthcoming primary research study from Evaluator Group on trends in enterprise data protection.

The State of Kubernetes Data Protection

Especially against the tide of ransomware and data privacy legislation and regulations, how does IT enable secure and compliant test/dev and production environments, while meeting business requirements for recovery points, recovery times and rollback and migration, without impeding business-differentiating developer agility and productivity? Especially when it comes to cloud-native Kubernetes applications, this is a difficult feat. Open-source software such as Kubernetes is prone to code bugs and misconfigurations, as well as known vulnerabilities that regularly require updates and patches to be addressed. This task is difficult for IT to keep up with because of the cadence at which Kubernetes distributions are updated, as well as the ballooning and sprawling reach of the Cloud Native Computing Foundation (CNCF) – which now counts more than 120 projects and more than 176,000 contributors. The problem has become so pervasive that the Cloud Native Security conference has now been spun off as its own dedicated event.

Based on discussions at KubeCon 2022, Evaluator Group anticipates that the responsibility for data protection will remain with platform and IT operations, making it important to bake functionality in, in a way that makes it easier for developers to obtain their IT resources and roll applications back as needed in a secure and compliant manner. Vendor product enhancements announced at the show by and large carried a theme of simplicity in the form of automation and autonomy. This approach will help to avoid protection gaps and human error. It will also support the ability to scale policies across multi-cluster deployments, which are becoming more common to meet availability and tenant isolation requirements as Kubernetes environments scale.

Data Migration with Kubernetes

Another common theme is adding the ability to – or making it easier to – migrate data and applications, whether from on-premises to the cloud, between clusters, or between Kubernetes distributions. For customers, avoiding lock-in is critically important, for several reasons including:

  • Providing the flexibility for developers to develop in the environment of their choice, and to then migrate the application to the environment that makes sense for business requirements such as security, performance, and cost.
  • In a similar vein, providing the ability to migrate production applications and their data between cloud and Kubernetes providers as business requirements (e.g., compliance and workload performance) change, and as vendors update their feature sets and pricing.
  • Accelerating recovery from ransomware attacks – and in some cases, facilitating recovery. Evaluator Group has heard for years the desire among customers to avoid “putting all of their eggs in one basket” – for example, relying on the same cloud provider for their production and disaster recovery environment.
  • Facilitating a hybrid cloud approach.

What’s Next?

In conclusion, this is a developing market made more complex by the spattering of Kubernetes distributions and container-native approaches, as well as limited education around enterprise-grade data protection requirements for Kubernetes workloads. For IT operations, working hand-in-hand with development and security teams will be a requirement in order to facilitate a data protection approach that provides the appropriate levels of cyber-resiliency and meets service level agreements (SLAs) for data loss and downtime, without slowing down DevOps agility.
