How to secure containers and microservices

[InfoSec News <alerts () infosecnews org>]

http://www.infoworld.com/article/3029772/cloud-computing/how-to-secure-containers-and-microservices.html

By Jim Reno
InfoWorld.com
Feb 4, 2016

A few weeks ago on a Saturday morning I tried to pay a medical bill online 
and received the following message:

  Sorry! In order to serve you better, our website will be down for
  scheduled maintenance from Friday 6:00 PM to Sunday 6:00 PM.

OK, I get it. Stuff happens. However, the following week I was greeted 
with the same message. Two weekends in a row means 48 hours of downtime 
over two weeks. Even if that’s the only downtime for the year, that means 
an availability of 98.9 percent -- a rate that may be unacceptable for IT 
departments and many online businesses. I sensed legacy architecture.

Many successful businesses still use legacy architecture. After all, they 
were built on it. However, the inherent complexity of legacy servers leads 
to fewer releases with large amounts of content. This means more 
components and dependencies that cannot be individually upgraded. It’s 
this domino effect that forces many companies to still take down servers 
for extended maintenance (like the medical billing company I mentioned 
earlier).

Computer science has known the solution to the complexity problem for a 
long time: modularity. Design the system not as a small number of large 
complex parts, but as a large number of small, simple containerized 
applications. However, the larger number of smaller services means there 
are inevitably more pieces to manage. Where a legacy system might have had 
a dozen VMs, now it could have hundreds of software containers.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/