Titanic Disasters, Business Continuity, and Kubernetes!
By Stephen Trout, , HIPAA Blog, Resources, Security

The second in our series on business continuity for healthcare. 

by Stephen Trout

When the ill-fated passengers of the Titanic agreed to an exciting ocean voyage, we understand how they might’ve taken a few things for granted – business continuity-wise. 

They’d been hearing, after all, that this new colossus of a ship was “unsinkable” – the very latest in ocean-going technology. “Even God couldn’t sink it!” someone boasted. (Mistake #1)

Word was that an experienced “helmsman” was also at the wheel – a proven captain with many sea voyages behind him – so what could go wrong? (Mistake #2)

Of course, not everyone aboard Titanic that day was guilty of such hubris. Naturally, passengers would want to trust their crew  – even as we would on a modern cruise. Yet those who devalued the greater Helmsman would invite the ultimate tragedy.

Clearly, the White Star Line’s “business continuity plan” was seriously flawed. Some compartments below deck weren’t water-tight. Backups – in the form of sufficient lifeboats – were tragically lacking.

Why do we recount these things? 

Because as a healthcare provider, you can’t afford to be “dead in the water,” taking business continuity for granted. System uptime and data availability are key to your survival. 

We understand that – which is why, among the many resources we offer, Kubernetes is on board to help with your business continuity plan.

A Kubernetes Refresher

An open-source container system originally launched by Google, “Kubernetes” (or “K8s”) is derived from a Greek word meaning “helmsman,” or pilot. It provides a unique platform for “automating deployment, and scaling operations of application containers across clusters of hosts.” 

What that means is this: in contrast to the old-school method of spinning up a whole new virtual machine for one application – an underutilization of the machine’s total resources – each container possesses all the self-contained applications (code and system tools) needed to run them. 

Containers have many advantages, including:

  •  Agile Creation and Deployment of Applications
  •  Reliable and Frequent build of images with easy rollback
  •  Portability to various cloud environments and OS types
  •  Isolation of Resources
  •  Optimal Utilization of Resources

In addition, the beauty of Kubernetes is also seen in its ability to choreograph these stand-alone, containerized applications (as well as groups of resource-sharing containers known as “pods”) from a single interface in various cloud deployments. A system of Master and Worker nodes is utilized, in a load-balanced configuration.

So how does Kubernetes impact business continuity?

Containers provide a resilient, flexible, and more economical approach to both development and business continuity:

  • Developers can “run the entirety of an exact copy of a production app locally on a development laptop system” (see NIST 180-190).
  • Compute instances can be deployed in multiple data centers, providing greater resilience and redundancy. Should one data center happen to go down, you won’t go down with the ship. 

What about HIPAA compliance?

The following managed services are necessary to help secure containers:

  • Automated scanning of containers at all stages of deployment helps ensure that images and registries are safe from vulnerabilities.
  • Monitoring at the container level also helps to identify issues impacting application performance.
  • Containers need securing through in-transit and at-rest data protections. This means that all data moving in and out of your containers must be encrypted.

Come aboard with confidence

Kubernetes will continue to benefit from a vast open-source community of cutting-edge collaborators, years of R&D, and excellent security innovations. 

For now, this advanced technology continues to facilitate the technical means to move from a host-centric world to a container-centric one, with its many advantages:

  •  Rolling Updates
  •  Balancing Loads
  •  Replication of Applications

It’s true – your data center is unlikely to ever encounter an iceberg (we’re in real trouble if so!) – but a disaster can certainly happen. With fully managed Kubernetes from HIPAA Vault, you’ll be freed up from the technical configurations and concerns to concentrate on what you do best – caring for patients.

Questions about how Kubernetes can benefit your business continuity? Give us a call (760-290-3460), or chat with us online at www.hipaavault.com

Stephen is an award-winning writer with a depth of experience in healthcare security and HIPAA compliance. In addition to writing for HIPAA Vault, his work has been published in Security Magazine, New England Society for Healthcare Communications, and others. Stephen has a degree in Engineering from Temple University, and can be reached at strout@hipaavault.com.