Application containerisation guidance offered by ISACA
Two new ISACA white papers are available to offer guidance on application containerisation, which is gaining traction among software developers and data centre leaders.
Analysis from the association suggests that containerisation has the potential to increase efficiencies and data security options while decreasing cost.
“Containerisation technologies are changing the business and technical landscape within organisations. They represent an area of potential value and also of potential risk,” said Ed Moyle, ISACA’s director of thought leadership and research.
The papers feature a summary of the rising popularity of containers, called ‘Understanding the Enterprise Advantages of Application Containerisation: An Overview’, as well as practical guidance for assurance, governance and security professionals, titled ‘Understanding the Enterprise Advantages of Application Containerisation: Practitioner Considerations’.
ISACA defines an application container as “a mechanism that is used to isolate applications from each other within the context of a running operating system instance”. Containers allow data centres to deploy business applications more rapidly. Increased business agility, lower costs and more efficient use of resources are among the other factors sparking increased global adoption.
Containers execute application processes isolated from each other on the host operating system. This makes each application more ‘portable’ and allows more applications per physical device relative to operating system virtualisation. The separation also can have security advantages, potentially allowing the applications to be more available for updates and security patches.
Containers offer immediate benefits to developers, including the possibility to enhance security for individual applications. Data centres also stand to benefit through improved efficiency and operational advantages.
Isolating applications into containers instead of running them on the host operating system can bolster security. According to the ISACA guidance, practitioners can leverage containers to achieve several security benefits, including immutability of infrastructure, application hardening, streamlined patching and automation of security controls.
While containers are capable of adding value, they can also introduce areas of risk. Interference with the isolation mechanism can impact the underlying operating system and other containers that are on the same host. Weighing business benefits from containerisation against the risk requires practitioners to not only understand their organisations but also the enterprise threat context.
“Practitioners seeking to understand the risk equation for their enterprises need to understand both sides of that equation. Doing this allows them to select the appropriate controls — and appropriately monitor their performance in an ongoing way — to ensure that their organisations stay protected and make best use of technology to satisfy the goals of their business and stakeholders,” said Moyle.
Numerous containerisation platforms exist, with Docker being the most widely deployed. Docker containers can run on any computer and any cloud, and are not tied to any specific infrastructure.
Complimentary copies of both white papers can be downloaded here.
Cloudflare has increased its network footprint in Australia and New Zealand, opening four data...
ResetData has arranged deploy equipment cooled by the innovative Submer immersion cooling...
Equinix and PGIM Real Estate have announced the opening of SY9x — Sydney's first xScale...