Gartner, an information technology analyst firm that provides technology-related insights and advice, has assessed Docker’s security and reported that the containerization tool is quite sound, but also immature.
Gartner’s report, titled Security Properties of Containers Managed by Docker, which was made public last week, states: “Linux containers are mature enough to be used as private and public PaaS (Platform As A Service), but disappoint when it comes to secure administration and management, and to support for common controls for confidentiality, integrity and availability.”
The document also acknowledges that running Docker inside a hypervisor, although advanced by VMware standards, further complicates matters.
Analyst Joerg Fritsch writes, “In the majority of cases, Docker would be embedded on top of guest servers that are in turn on top of hypervisors, however, except for a further fortification of resource isolation, there is little to be gained from the hypervisor that is being used underneath. Docker and containers cannot inherit from the hypervisor what they lack most, which are secure administration and management features, and support for common controls for confidentiality, integrity and availability. But the underlying hypervisor adds to a level of complexity that will need to be managed and sorted separately, which may also result in friction with, for example, evolving SDNs for containerized environments.”
The document also suggests that at present Docker is new and has not yet built an ecosystem of tools that makes it production-ready.
Furthermore, dedicated backup is a weakness that needs to be addressed, and there is no encryption tool for Docker containers, which could damage the underlying OS at the disk level.