Network segregation: IoT vs NoT
IoT devices became quite popular throughout the last years. Everything is connected, anytime. What sounds like a good idea, might actually result in a security hole in your network. As only the vendor knows what a device is actually doing, your IoT devices might bring some features with them that you don’t like. What is the problem with my IoT device? The short answer is: you own it, but you don’t control it. Continue readingUnattended docker container updates
To keep your container infrastructure up to date and therefore secure, there are two primary objectives that you need to achieve: Keep the host‘s operating system up to date Keep the content of your containers up to date Update the operating system Updating your operating system is quite straight forward. Just use the well known package managers to do the job for you. E.g. for Debian this would be as easy as running apt-get update && apt-get upgrade on a regular basis. Continue readingUsing the cloud as panic room
Time to do something about it, and also about all other scenarios that threaten your digital heritage. Can the cloud be the safe place to backup all your data? But doesn’t uploading backups to the cloud also mean that others might be able to access it? In this article we will show a disaster recovery concept that you can use to backup infinite data amounts: It is free, easy to set up, and bullet prove.
Continue readingDocker Image Review: jwilder/nginx-proxy
Ever wondered wether there is a good alternative for scenarios, where a full featured ingress proxy would be overkill? Here it comes:
jwilder/nginx-proxy
. The image can especially be useful when setting up an ingress concept for the first time. Nginx is well known in the world of classic server administration and web hosting. So why not use your familiar web server also in your containerised environment?
Docker containers are insecure
Everybody knows how to keep a linux box updated. It is also common sense that running things in docker containers is more secure by definition. After all they isolate services from each other. So if you are running containers on a fully patched host, there should be no security holes at all. Not even close! Keeping containers up to date is a total different thing. That brings up the questions how to keep your containers up to date, and how to decide wether containerising is really worth it in your scenario.
Continue reading