Security Is a Key Concern for Container Users

A broad majority of container users – 91 percent – said they are concerned about container security, according to a survey from Twistlock.

Download the authoritative guide: The Ultimate Guide to IT Security Vendors

data security

More than eight in 10 (86 percent) IT decision makers say their companies already deploy containers, or they plan to do so within a year, according to a recent survey commissioned by security solution vendor Twistlock.

Of that 86 percent, 35 percent said containers are already broadly deployed across their networks. Twistlock's flagship product is an enterprise security solution that keeps container-based applications safe.

Containers, such as those by Docker and CoreOS, provide a method of deploying applications faster and more cost-effectively than traditional means. Containers enable developers to package an application—with everything it needs to run—in a standardized unit for software development and install it on a server.

Container technologies have become a phenomenon of late, with Docker rising rapidly in popularity and market share. The survey found that Docker is the predominant source for container images; more than 98 percent of those who are using containers said they use Docker hub or Docker Trusted Registry as an image source.

Twistlock provides a security framework for developers of containerized applications. Its container security suite protects containers throughout the application lifecycle by ensuring that they comply with security policies at every stage, from early development through deployment. Twistlock also provides granular access control capabilities that enable enterprises to extend their access management policies to containerized applications.

Twistlock's survey showed that despite the increasing popularity of containers, security remains a key concern. Ninety-one percent of respondents said they are concerned about container security, and 50 percent said they are "very" or "extremely" concerned. Of those who do not use containers in their data center, 81 percent said the addition of in-container security would prompt them to adopt a container strategy. The survey, conducted by a third-party research firm in August, netted 272 responses from across North America.

Meanwhile, survey respondents listed three container security features that they think they would benefit most from. The largest number of respondents—83 percent—said they would benefit from the ability to ensure that all containers have a consistent security model from development through production. Eighty-two percent said they could benefit most from preventing development mistakes from reaching production, and 80 percent said they could most benefit from detecting vulnerabilities in containers.

"This survey shows what Twistlock has known all along—that even though containers are accessible and easy to deploy, many companies do not have a good grasp of how to manage container security, Ben Bernstein, CEO of Twistlock, said in a statement. "This remains a major adoption hurdle that is keeping data centers from migrating to containers completely."

The survey also found that nearly 55 percent of respondents have 100 or more containers in production and 49 percent have more than 100 container images. In addition, virtual machines remain a popular platform to run containers—62 percent said they run containers on top of VMs, with VMware as the top platform choice. In contrast, only 17 percent said they run containers on bare-metal servers.