Hackers are constantly exploring new attack vectors, and Kubernetes has also been targeted by ransomware extortionists. Siloscape was one of the first to operate from a container and use weakly configured security functions in Kubernetes clusters. The malicious code can steal login information and other business-critical data at the cluster level. The open source system is new territory for many users, which is why weak configurations are more likely, such as a Research study from Stackrox from 2020 shows. 67 percent of those surveyed admitted serious misconfigurations in their Kubernetes environment.
The following tips will help companies make their data on Kubernetes more resilient to attacks, malware, and human error:
1. Follow the basic principles of security
Kubernetes provides one of the best and most understandable documentation for securely setting up the platform yourself. The users and their accounts should be secured with good, strong and different passwords and their access privileges should be tailored to their tasks. It is recommended that critical data be encrypted on its way between containers and pods. the documentation the clearly explains details about the correct configuration, management and backup of the cluster. At the same time, the community is working to find and fix software bugs. Patches help close back doors in the architecture.
2. Protect data from errors
However, this does not exclude the human factor. If you want to back up the data yourself in a Kubernetes environment and contain the consequences of human error, you should back up the files. The structure and architecture require a special approach in order not to forego the great advantages of Kubernetes. Kubernetes platforms are based on a hierarchy of multiple worker nodes and the cluster master node at the top. Master and worker nodes communicate via defined processes that are included in every distribution. Namespaces and pods or containers can be set up automatically and rolled out and monitored on the respective worker nodes. In order to be able to integrate databases, the namespaces are linked with persistent storage volumes, i.e. fixed storage space.
According to this structure, the elements should be backed up. Thanks to the container architecture, persistent and non-persistent data can be separated from one another and used optimally depending on the application. Updates can also be imported quickly. It is important that the backup fully supports the most frequently used distributions on the market. Red Hat Openshift has the largest Kubernetes market share in this country. But VMware is also pushing its way more and more into the market with Tanzu.
3. Comprehensively secure namespaces
Kubernetes operates with so-called namespaces. These are mostly defined as projects or applications that deliver the actual business value of a Kubernetes environment through pods, containers, configuration information and the associated storage.
The backup platform should be integrated into the cluster via a namespace interface and carry out the discovery of the cluster independently and there handle manual and planned backup processes as well as the restoration of the data.
A namespace with all components should be secured so that the applications are fully protected and the scalability and portability of the Kubernetes environment are preserved. At the same time, in the event of a recovery, it must be possible to restore the persistent volumes regardless of the namespace, since logical errors can occur on their data layers. To maintain the agility of Kubernetes, the backup solution should also support restoring namespaces on alternative clusters.
4. Clearly define access rights
If the communication between the backup software and the Kubernetes master is based on coordinated certificates and credentials, essential information for operation and security can be obtained. For the mutual authentication of the Kubernetes cluster and the backup system, there are tokens and CA certificates with which the data exchange can be securely encrypted.
The access rights for data backup and recovery should only apply to resources in the Kubernetes environment that the respective user is allowed to manage or use. This means that a backup user can only see the namespaces and persistent storage volumes of the cluster for which he is authorized. In this way, development, test and production responsibilities can be separated. It is also advisable to define access rights during configuration, which are implemented in the backup system via role-based access. This approach strengthens the resilience against cyberattacks.
5. Relieve DevOps and backup teams with automation
A backup solution should also automatically and regularly check whether new namespaces have been created in the clusters. Therefore, the Kubernetes distribution and backup solution must work together perfectly. The approach of automatically and intelligently assigning logical selections with the assignment of the corresponding backup plans to new namespaces is also sensible. In growing Kubernetes farms, this reduces the risk that a project or application is not properly secured. In addition, automatisms relieve the IT teams with discovery and configuration and reduce the risk of data loss for DevOps teams. They can also restore their data themselves with the appropriate rights concept. This shortens development times and relieves those responsible for back-up. Even backup processes that have so far been unsuccessful can be restarted in a time-controlled manner thanks to the integration of distribution and backup concept. Those responsible are then informed via an event alarm in the corresponding GUI.
6. Pay attention to integration possibilities
A backup system should interact with established standards such as Velero, but also support intelligent extensions. The connection to a retention management system controlled by the backup with the possibility of replication can help protect against ransomware. It is important to consider the 3-2-1 rule. The backup data mover is also a useful conceptual addition. This allows the backup storage targets to be expanded to the compatibility supported by the provider. Kubernetes is then integrated end-to-end into a central backup and recovery concept, which avoids the operation of individual best-of-bread backup systems for each workload. This can reduce costs, contain complexity and reduce risks.
A functioning backup is also the strongest means for Kubernetes users against ransomware blackmail attempts and data loss through human error. Veritas’s NetBackup platform enables a high level of automation and integration with legacy systems and virtual environments for most workloads in the market on-site and in the cloud. This reduces the effort and cost of backups. In addition, no critical system or important file falls through the backup grid. If ransomware or human error corrupts critical data, Kubernetes users can reliably restore it.