Cybersecurity » Know Industry Compliance Standards Before Employing Container Security

Know Industry Compliance Standards Before Employing Container Security

November 27, 2018

Abstract  Digital concept which shows network security optimization and internet technology
More companies are focusing on container security to ensure that they don’t ship software with known vulnerabilities, to protect sensitive data, and to maintain compliance with industry-specific regulations such as HIPAA, PCI, or SOC 2. In theory, cybersecurity best practices around account security and the use of two factor/multi-factor authentication do not change in containerized infrastructures, but in practice, containers are co-located on the same host, and the surface area of a compromised container can have greater consequences. Also, as companies grow, there is greater liability associated with the absence of granular permissions and short-term credentials. In general, the more a company grows, the greater this tech debt becomes, and the more difficult it is to introduce effective access controls. Keep your industry’s compliance standards in mind as you adopt new solutions like containers. For example, HIPAA regulations require that personal health information be encrypted in transit or at rest when accessed by containers. Do your own research and ensure that your container solution of choice provides the functionality you need to stay compliant with industry standards.

Read full article at:

Daily Updates

Sign up for our free daily newsletter for the latest news and business legal developments.

Scroll to Top