June 25, 2017

Virtuozzo has announced new security features for its OpenVZ system container platform, which now includes encryption for at-rest data.

Virtuozzo develops a system container platform based on OpenVZ. System containers are designed to let users run an entire operating system inside a virtual environment.

System containers are pretty different from Docker containers. The latter are designed primarily for hosting individual applications. Docker containers are already receiving lots of security enhancements.

Still, Virtuozzo sees an opportunity in beefing up security for system containers, too. On Jan. 10, it announced a new feature for its platform that encrypts data at rest by default, so that only encrypted data is stored on disk. Virtuozzo automatically decrypts data when it is loaded into memory.

Virtuozzo, System Containers and Data Security

The company says it introduced the enhancement because “the inability to secure data in containers is widely seen as a leading reason that CIOs and IT teams at businesses of all sizes have not widely deployed containers for production applications and workloads.”

Those CIOs and IT teams are probably thinking more about data security issues related to Docker, the container platform that is currently in vogue. Data storage for Docker is less straightforward than it is for OpenVZ. With Docker, you have to set up data volumes to store data persistently, or attach your containers to a scale-out storage system. Either way, there are more layers to secure if you want the data to be protected.

Yet even if the data security challenges are different between OpenVZ and Docker, it certainly can’t hurt Virtuozzo’s business to add encryption features to OpenVZ containers, too. That’s especially true because the other major system container platform out there—Canonical’s LXD—currently offers no special data security features. Of course, LXD is also much newer than OpenVZ.

The bottom line: Data security for containers is complicated. The variables look very different depending on which container platform you are using (even though vendors don’t always make that clear). But it’s a safe bet that better security for all containerized platforms will be important as container adoption increases.

Christopher Tozzi

Christopher Tozzi has covered technology and business news for nearly a decade, specializing in open source, containers, big data, networking and security. He is currently Senior Editor and DevOps Analyst with Fixate.io and Sweetcode.io.