Siloed Kubernetes expose firms to increased cyberthreats

Businesses are failing to capitalise on the opportunities offered by joined-up strategies for Kubernetes deployments, leaving DevOps and project teams to solve challenges like data protection on their own, according to research research commissioned by Veritas Technologies.

The study was conducted by Opinium Research between February 7-20 2022 in the United States, Brazil, Australia, China, Japan, Singapore, South Korea, France, Germany, the United Arab Emirates, and the United Kingdom. Respondents included 1,100 IT decision-makers in organisations with over 1,000 employees.

Findings show that over a third of organisations (34% globally and 32% in Singapore) have already deployed Kubernetes for mission critical applications but this is increasingly being driven at the project level, with 42% (38% in Singapore) of Kubernetes adoption decisions being made without significant influence from the CIO or IT leadership team. 

Results also revealed that the adoption of Kubernetes is being driven by multiple parties — individual IT project teams (45% globally, 56% in Singapore), boards and business leaders (40% globally, 35% in Singapore), DevOps (36% globally, 47% in Singapore), and even cloud providers (24% globally, 26% in Singapore). 

While IT leaders were identified as a stakeholder in the small majority of decisions, this was not the case 42% (38% in Singapore) of the time. 

“Deploying Kubernetes on projects can deliver real advantages, so it’s little wonder that development teams want to embrace them quickly,” said Andy Ng, VP and managing director of Asia South and Pacific Region at Veritas.

“However, making that decision without a holistic IT strategy can mean that these projects miss the support of shared IT functions – such as data protection,” said Ng. “This can leave the DevOps or project teams with ongoing responsibility for these activities.” 

With 89% of organisations (96% in Singapore) concerned about the threat of ransomware attacks on Kubernetes environments, having individual teams look after their data protection can be burdensome. 

Yet, nearly half of organisations (47% globally, 44% in Singapore) said that, where protection exists for their Kubernetes environments, they have standalone solutions that are distinct from their wider data protection infrastructures. 

Survey respondents suggested this siloed approach risks complexity, cost and data loss as 42% (52% in Singapore) of organisations believed that siloed data protection leads to the threat of data being missed from protection sets. 

A similar number,44% (60% in Singapore), cited more complex and lengthy data restoration processes and 43% (50% in Singapore) pointed to increased costs. 

“Without a single location to restore their data, the IT team is trying to recover from all sorts of platforms with different interfaces and procedures,” said Ng. “Worse still, if project teams have missed the opportunity to draw on the experience of the data protection team, they may not have known the best practices to follow and risk losing critical data.” 

With 87% of organisations (90% in Singapore) expecting to use Kubernetes in their missioncritical infrastructures in the next two to three years, Veritas is urging IT teams to collaborate more closely to ensure that the technology can be deployed with the appropriate protective guardrails around it.