Zettaset, a provider of a software-defined framework for automatically encrypting data being accessed by containers, announced today it has allied with Mirantis to integrate its software with Docker Enterprise from Mirantis.
Docker Enterprise, which Mirantis acquired last year, is the first container platform that Zettaset is supporting, in the form of Zettaset XCrypt Container Encryption for Docker Enterprise from Mirantis.
Maksim Yankovskiy, vice president of engineering for Zettaset, says support for other container platforms will follow. While Zettaset already supports containers, he says it’s important to extend that support to platforms to be able to apply and manage encryption at a deeper and more granular level.
Zettaset XCrypt Container Encryption works by encrypting any data a container attempts to ingest from a volume. That approach makes certain all data being accessed is encrypted regardless of which vendor provides the underlying physical storage system.
Encrypting data, of course, doesn’t eliminate the need to adopt best DevSecOps processes and tools to make sure applications are more secure; however, it does provide a last line of defense in case every other cybersecurity control in place is bypassed. The challenge with getting organizations to adopt encryption has always been the perceived impact on performance and the overhead associated with managing encryption keys.
Zettaset XCrypt Container Encryption runs natively on container platforms so overhead is minimal and there is no need to rely on an external platform to manage keys, Yankovskiy says. However, for organizations that have adopted a key management platform, Zettaset offers a set of application programming interfaces (APIs) through which they can integrate with those platforms.
Neither is there a need for any specialized hardware—the entire encryption process can easily be incorporated into a set of best DevOps practices rather than requiring the expertise of dedicated cybersecurity teams, notes Yankovskiy.
It remains to be seen whether IT teams will apply encryption more broadly than they did to previous generations of monolithic applications. However, with cloud service providers such as Amazon Web Services (AWS) now making a concerted effort to remind IT teams to encrypt everything, there is more awareness of the need to encrypt.
In addition, penalties associated with losing control over unencrypted personally identifiable data are steadily increasing. In fact, the cost of encrypting data is much less than the fines that might be incurred, especially in highly regulated industries or as more data privacy laws are enacted. It’s also worth noting that the cost of an audit is considerably less when it can be shown that data is routinely encrypted.
Of course, many developers and IT operations teams will contend that only sensitive data needs to be encrypted. The trouble is that what appears innocuous today can be a lot more relevant later on should that data be correlated against other sources of data in some unforeseen way. More organizations, ultimately, would be better off remembering it’s usually a lot better to be safe than sorry.