The use of "containers" in web application development is growing, but not without potentially increasing threats to the security of the data we store in our apps and devices. Containers are stand-alone packages of software that include everything needed to run the bundle. Their portability and resilience, and more importantly the fact that they allow software to run efficiently when moved between different computing environments, make containers an increasingly attractive tool for web developers. But when apps and devices – including Uber, Google, Yelp, and Android and iPhone technology – employ containers that store personal information, some experts warn that the security of our information is at risk. For example, standalone containers operate as "black boxes," making it easy for hackers to capture information without evidence of intrusion. Containers may not be integrated with an organization's existing risk and governance structure. It's also difficult for developers – when containers show up – to verify their integrity. The use of containers is already widespread, and everyone from vendors to C-suite teams to consumers should be aware of the potential vulnerabilities in these tools and to advocate for ways to bolster the security of container software. This just serves as a reminder for everyone to be vigilant about entering personal data on devices and apps and to have strict password protection processes.
Check out our series, Privacy Perils, to learn what steps you can take to guard your personal and company data. For more information about this topic and other cyber security concerns, please contact Bob Brewer, Tony McFarland, Elizabeth Warren or a member of our Privacy & Data Security team.