BlogData Protection for Containers and Dealing with Compliance

Disaster Recovery - 4-800x400

The rise of stateful containers requires further responsibility for data protection—the need to protect the data within persistent containers. To protect against disaster, we suggest backing up your Dockerfiles used to create your container images as well as all versions of those files, as well as configuration files and any desired-state information used for running Kubernetes. It is recommended, however, that any stateful information be stored in a database, and not on the filesystem. Please consider this issue when designing your Kubernetes infrastructure.

Here are the typical files that need data protection:

  • Dockerfile images
  • Kubernetes cluster state information
  • YAML deployments files
  • Persistent volumes
  • Databases

The typical method of putting a backup agent in the container is not a valid option. Consequently, we recommend taking a snapshot followed by replicating the snapshot to another system. Once copied, the volume can be backed up using normal backup processes.

All IT organizations must now come to terms with compliance. One area in particular that IT now needs to be mindful of is with the backup data. We believe that the need for CCPA and GDPR compliance is going to feed another trend in the data protection space. That is the reuse of secondary data for non-backup purposes. Working with our clients, we discovered that many IT teams need to replace their backup solution with a system geared toward reusing backup data for other kinds of business needs.

We also feel that most companies are not ready for CCPA and are holding vast stores of unstructured data with no means to identify, and specifically delete, any of it. That is why we are currently helping our customers with classifying their business data ¾ so they have the ability to classify, search, manage, and remove data in the world of backup.

Compliance is an area where the public cloud is a hindrance. Classifying data ¾ which is necessary for both compliance and any data reuse ¾ is much more complicated when the data is spread across multiple silos. We predict there will be a push to make data classification more pervasive, as it addresses compliance, risk management, and data governance.

Tweet: Data Protection for Containers and Dealing with Compliance #DR #containers #datacompliance #dataprotection Finally, good backups should be the last line of defense against a cybersecurity or ransomware attack. We recommend making backup copies and snapshots immutable, so they cannot be deleted or modified. It is especially important to be able to detect any malware in backup datasets. We stress that IT organizations learn how to streamline standard operational activities, such as snapshot, recovery testing, disaster recovery testing, and searching for compliance-sensitive workloads across your various data sets.

We have learned that a data center architecture will not be agile unless it includes IT automation, intelligent data management, comprehensive data protection, and turn-key DR across the complete hybrid cloud environment. As enterprises adopt hybrid cloud-native strategies, intelligent data management across those public and private clouds is a top priority.

About the Author

Mark Teter, Corporate Technologist

Mark Teter, Corporate Technologist

In his role, Mark is responsible for the strategic direction of ASG’s emerging technology offerings and advancing the deployment of present-day hybrid cloud solutions for our customers. Mark has served as Faculty Staff Member at Colorado State University and has written over 50 white papers on subjects including Data Center Ethernet, Linux and Open Source, Storage Area Networks and Computer Virtualization. He published Paradigm Shift in 2006, a book on emerging technologies. He is a Google Certified Professional Cloud Architect.