Security is a multi-faceted issue to consider on multiple levels. It typically involves the physical facility,...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
data at rest and data in flight. By their very nature, containers pose some potential security vulnerabilities.
Consider the cabling that connects a container to the rest of the data center network. Ideally, cabling is run through a conduit to protect the cabling from the elements as well as physical tampering or hacking -- it's simple for a thief to slip a packet sniffer on an exposed cable to read unencrypted data.
Also consider that containers are mobile installations designed to be relocated with relative ease. It's not enough to just padlock the container; the container and any data at rest within the container are at risk of being simply disconnected, loaded onto a flatbed or truck, and just driven away. Remote deployment sites with no personnel can be particularly vulnerable to such outright theft.
Organizations can enhance security by using several tactics, including encrypting all data at rest within the container (making the data inaccessible even if the container is physically removed from the premises). In addition, physical security might include affixing the container to a permanent foundation, such as a heavy concrete base, and interlocking any access doors with switches that signal alarms and even start migrating data to other locations if the doors are opened unexpectedly.
The point is that a container may be unacceptable for certain types of highly sensitive data. Organizations contemplating a container facility must involve their compliance officers to determine any limitations on the data that container might host. Such planning translates into workload and data storage policies.
Containerized data centers have proven themselves to the IT industry, but they are not always the right choice for data center capacity expansions. As with any data center project, organizations must understand the suitability of the data they plan to migrate to a container and take the steps to secure and protect the container over its working lifespan.
Dig Deeper on Data center design and facilities
Related Q&A from Stephen J. Bigelow
VMware vSphere 6.5 takes an extra security step, building on UEFI secure boot with added cryptographic validation to all ESXi components.continue reading
Virtualization offers many advantages by abstracting workloads from hardware, but you may still need to find the VM host computer. You can do so ...continue reading
Live migration of VMs isn't a new technology, but vMotion encryption adds a unique layer of security because the user isn't encrypting the network.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.