110 Items to Consider Before Deploying Containers in Your Organization
2Implemented Standardized Container Technology
3Containers must run on hardened OS
Containers share the same underlying operating system (the single-host OS). This model offers certain efficiencies, but any vulnerability in the OS can affect the containers it is hosting and any vulnerability in a container can affect the host OS. Look for a container solution built on a hardened OS platform and that supports capabilities such as isolation and vulnerability scanning.
4Manage Containers Consistently Across Environments
5Work With Containers that Are Certified Safe
One of the major benefits of container technology is reusability. But, as the use of containers increases—especially among different entities—there must be some methodology in place to ensure the content of a container can be certified and that any changes made are accounted for. Along change management lines, look for a container platform provider that can ensure your containers and applications are certified and safe to use.
6Perform Container Workload Analysis
Workload container analysis features can help organizations more safely adopt containers. Look for systems that will enable you to identify risks on different infrastructure levels, including service configuration within an image, tuning and configuration of container storage for optimal performance and file-system monitoring to help ensure registry functionality.
7Limit Access to Container Controls
8Adopt a Vulnerability Patching Procedure
Images are the building blocks for containers, and as companies increase their use of container technology, they’re accumulating more and more images. Some of these images will be developed in house, while others will come from vendor and open-source resources. These images can be further layered with additional functionality. That’s the beauty of containers, but as the use—and number—of container components grows, so, too, does the risk that a component will be compromised somehow. Organizations need to ensure they have a system in place to scan for and patch any vulnerabilities that exist in container components.
9Keep Track of Container Provenance
10Work With Vendors With Strong Partner Ecosystems
In the container world, no vendor or community is an island—at least they shouldn’t be if they are to provide a strong platform on which organizations can build their container strategy. Look for providers with strong, relevant partnerships, which are fundamental for success beyond the initial proof of concept. These providers need to be able to demonstrate strong, strategic partnerships with both open-source and commercial organizations.
11Do an Implementation Road Map to Stay on Track
Container technology is not new, but the time is right for its widespread use. The container world is changing fast, with more products and vendors coming on board. You’ll be hearing more and more companies touting their container capabilities—regardless of whether they really provide such offerings or are just piggybacking on a hot term. It’s important to leverage resources have that not only a proven history but also a strategic plan for how products and technology will—securely—take shape in the short and long term.