Inside the Briefcase

IT Briefcase Exclusive Interview: Getting the Most Out of Open Source While Managing License Compliance, Risk, and Security

IT Briefcase Exclusive Interview: Getting the Most Out of Open Source While Managing License Compliance, Risk, and Security

with Kendra Morton, Flexera
In this interview, Kendra Morton,...

Why DEM Matters More Than Ever in Financial Services

Why DEM Matters More Than Ever in Financial Services

Remember waiting in line at the bank? Banking customers...

How to Transform Your Website into a Lead Generating Machine

How to Transform Your Website into a Lead Generating Machine

Responsive customer service has become of special importance, as...

Ironclad SaaS Security for Cloud-Forward Enterprises

Ironclad SaaS Security for Cloud-Forward Enterprises

The 2015 Anthem data breach was the result of...

The Key Benefits of Using Social Media for Business

The Key Benefits of Using Social Media for Business

Worldwide, there are more than 2.6 billion social media...

Instaclustr’s Managed Elasticsearch Service on AWS Gets PCI-DSS Certification

June 14, 2021 No Comments

by Ben Slater, Chief Product Officer, Instaclustr

Instaclustr has announced that its Managed Elasticsearch Service on AWS for data logging, search, and analytics has achieved PCI-DSS compliance. Instaclustr’s Managed Apache Cassandra and Managed Apache Kafka solutions on AWS have also earned re-certification.

Elasticsearch Press release Website pr 1024x536 300x157 Instaclustrs Managed Elasticsearch Service on AWS Gets PCI DSS Certification

Instaclustr’s Managed Elasticsearch is based on the Open Distro for Elasticsearch, which will soon be updated to OpenSearch. Using the open source distribution ensures that Instaclustr customers always have control and portability of their data, are not subject to vendor lock-in, and are free from licensing costs.

This PCI-DSS certification for Managed Elasticsearch adds to Instaclustr’s existing PCI-DSS and SOC 2 accreditations, which demonstrate the company’s commitment to thorough data security practices and architecture. Enterprises with the most stringent security requirements can utilize Instaclustr’s advanced managed open source data solutions knowing that their environment is continually aligned with the most rigorous security protocols.

The PCI-DSS (Payment Card Industry Data Security Standard) is the payment card industry’s mandated information security standard and applies to all organizations that store, process, and/or transmit cardholder data. PCI-DSS certification requirements dictate that all system components either within the cardholder data environment or with access to it must feature specific and strict technical, physical, and operational security controls. Beyond applications directly involving finance and payment card transactions, PCI-DSS controls are currently seeing increased adoption across other industries, as the recognized “gold standard” for security practices.

“We remain proactive in ensuring the data technologies we deliver for enterprise customers are always held to the highest security standards,” said Ben Slater, Chief Product Officer, Instaclustr. “Instaclustr-managed Elasticsearch now joins our Cassandra and Kafka solutions in achieving PCI-DSS certification. Also, in addition to meeting PCI-DSS compliance for customers who require it, new security enhancements we’ve implemented will result in improved levels of security for all of our managed service customers, regardless of product or platform they are leveraging.”

With the re-certification of Managed Cassandra and Managed Kafka, the following enhancements have also been made:

– Private Network Clusters are now optional.
– Console SSO is supported.
– Requirements for cardholder data encryption have been revised to now only require encryption of the Primary Account Number (PAN). This is significant for Elasticsearch, as it allows additional flexibility for customers; for example, to search by customer name in Kibana.

Additionally, when looking at Kibana specifically, Instaclustr supports connecting customers’ Instaclustr-provisioned Kibana instance to an Open Identity Connect (OIDC) SSO provider, which provides an enhanced user experience.

Enterprises requiring full PCI-DSS compliance can opt-in when creating an Elasticsearch cluster on the Instaclustr managed platform to enable the required security options (for example, password complexity in the Instaclustr console). There are additional customer responsibilities involved to achieve full compliance. For more detailed information, please see the Instaclustr support page.

DATA and ANALYTICS , News, OPEN SOURCE

Sorry, the comment form is closed at this time.

ADVERTISEMENT

Gartner