While security is a complex thing, and there are experts you really want to listen to, there are a couple of things that you can do, low hanging fruits so to speak:

Encryption, Authn & Authz

Containers

  • Learn about Docker Security and try it out yourself via this awesome Katacoda course.
  • Some basic hygiene: don't put your credentials in the (Docker) image, rather provide them via environment variables or even better use one of these secure, distributed in-memory key-value stores:
  • Do carry out vulnerability analysis on containers.

Check out also: