This is part of Solutions Review’s Premium Content Series, a collection of contributed columns written by industry experts in maturing software categories. In this submission, Kasten by Veeam‘s VP or Product and Partnerships Gaurav Rishi offers an overview and introduction of the Kubernetes Zero Trust model.
Kubernetes is the premier open-source container orchestration system, with 86 percent of the 6.5 million cloud-native developers worldwide using it today. It’s a powerful solution for delivering software efficiently and at scale. Unfortunately, the rapid adoption of Kubernetes has made it a target for cyber-attacks.
According to IDC, 37 percent of global organizations were victims of some form of ransomware in 2021, and 89 percent of organizations say that ransomware attacks on Kubernetes environments are an issue. What’s more, 55 percent of respondents in the U.S. that have deployed Kubernetes have already experienced ransomware attacks on their containerized environments.
The outlook is bleak. Attackers are becoming much more volatile and their attacks more frequent, and built-in security packages are insufficient protection. For example, hackers are attacking storage units in cloud-native environments, targeting not just the clusters but the backups, as well. Plus, Kubernetes applications encompass open-source code libraries. Bugs and misconfigured access permissions are common. Cloud-native apps consist of multiple microservices stored across different nodes, and Kubernetes objects contain networking configuration and data. In other words, it’s a complex environment and there are many components to protect.
Developers must craft full-fledged security strategies to protect their Kubernetes data and apps – and, increasingly, they’re turning to Zero Trust models.
What is Zero Trust?
Rather than a specific tool or technology, Zero Trust is a framework that requires a combination of tools and processes, along with a culture shift within an organization, to be effective. Zero Trust upends perimeter-based security models that operate according to a “trust but verify” approach, and instead apply the maxim, “Never trust, always verify.”
In Zero Trust, every identity is considered malicious until proven legitimate. Zero Trust policies are designed to block access to any user or device until its identity is authorized and authenticated – not once, but on an ongoing basis. Users are granted least privileged access to resources based on “just-enough” and “just-in-time” requirements. Devices and users must complete multi-factor authentication to provide evidence of their identity.
To implement Zero Trust in a Kubernetes environment, the CNCF recommends taking into consideration service design and construction, service packaging and container image design, pod specification, platform-based pod policies, and network policy. Here are three best practices to apply:
Build a Secure Network that is Prepared for the Most Hostile Attacks
Kubernetes is a new playground for hackers, and no one can predict what types of sophisticated and malicious attacks we may have to ward off. As such, it’s important to prepare for the worst. As you build your network, ensure that all hosts, containers, and serverless functions running across the public or private cloud are secured and continuously monitored to minimize the risk of misconfigurations and vulnerabilities. Network access between microservices should always be verified. Additionally, use micro-segmentation to designate various zones in a datacenter or cloud environment, to isolate workloads and limit traffic.
Verify and Authenticate Users, Devices, and Incoming traffic
Assume everything is suspicious. View users, devices, and incoming traffic with a watchful eye, configure access permissions into the software, and require anyone and everyone to verify their identity before gaining access. There are several available security solutions and plugins to choose from, such as client certificates, HTTP basic auth, and bearer tokens. Multi-Factor authentication is key to a strong security posture. It’s also a good idea to limit software permissions and capabilities to only those which the software needs to function.
Secure Kubernetes Resources with Reliable Backups
Regardless of the location of your data, apps, and components, reliable and continuous backup of all company data and assets is essential. Your backup solution should be able to capture the entire application, as containerized applications consist of multiple microservices and artifacts. These must be backed up in a consistent manner, so they can be recovered and restored quickly.
Look for backup and recovery solutions that are native to Kubernetes and agnostic to the virtual or physical infrastructure. Additionally, your solution should be able to back up applications into object storage, as well as handle stateful workloads, which make up about half of the Kubernetes clusters today. Other requirements include the ability to integrate with block storage APIs, S3-compatible object storage, and other file storage formats.
Finally, implementing Zero Trust into your Kubernetes environment requires educating your developers and other stakeholders in your organization about the importance of security, and ensuring they understand that security is a shared responsibility. Ample education and training about Zero Trust policies and procedures is a must to establish and maintain a culture of security that’s strong enough to protect your organization – and its cloud-native data and applications – in an increasingly hostile cyber landscape.
- Kubernetes Zero Trust Model: Overview and Introduction - September 22, 2022