Instaclustrin’s Managed Elasticsearch offer with AWS for data collection, retrieval and Analytics deserves PCI-DSS certification

Image source:

Companies with applications that require full PCI-DSS compatibility can take advantage of the Elasticsearch open distro managed by Instaclustr for data collection, retrieval, analytics, and other uses. An open source information management company Instaclustr, which provides scalability through a fully managed open source IT platform, has announced a new PCI-DSS certification for its Managed Elasticsearch service on AWS.

Instaclustr’s Managed by Elasticsearch is based on Open Distro for Elasticsearch, which will soon be upgraded to OpenSearch. Open source distribution ensures that Instaclustr customers always have data management and portability, are not subject to vendor lockout, and do not incur licensing costs. Instaclustrin Managed Apache Cassandra and Managed Apache Kafka AWS solutions have also been re-certified.

This Managed Elasticsearch PCI-DSS certification adds Instaclustr to existing PCI-DSS and SOC 2 accreditations, demonstrating the company’s commitment to thorough security policies and architecture. Companies with the most stringent security requirements can take advantage of Instaclustr’s advanced managed open source data solutions, knowing that their environment is consistently compliant with the most stringent security protocols.

The Payment Card Industry Data Security Standard (PCI) is a payment card industry-mandated security standard that applies to all organizations that store, process, and / or transmit cardholder information. The PCI-DSS certification requirements stipulate that all system components that are either in or with access to the cardholder’s information environment must have specific and rigorous technical, physical, and operational security controls. In addition to applications that directly involve financial and payment card transactions, the use of PCI-DSS controls is currently increasing in other industries, a recognized “gold standard” in security practices.

“We are able to proactively ensure that the information technology we deliver to corporate customers always meets the highest security standards,” says Ben Slater, Instaclustr’s Product Director. “Elasticsearch, managed by Instaclustr, is now joining our Cassandra and Kafka solutions to achieve PCI-DSS certification. In addition to meeting PCI-DSS compliance for customers who need it, we have implemented new security improvements to improve security for all our managed customers . “

With the recertification of Managed Cassandra and Managed Kafka, the following improvements have also been made:

● Private network clusters are now optional.

● Console single sign-on is supported ● Cardholder data encryption requirements have been changed to require only primary account number (PAN) encryption. This is significant for Elasticsearch because it gives customers more flexibility; for example, search by customer name in Kibana.

When looking at Kibana in particular, Instaclustr supports connecting customers to the Kibana instance provided by Instaclustr to an Open Identity Connect (OIDC) SSO provider that provides an enhanced user experience.

Companies that require full PCI-DSS compatibility can choose to create an Elasticsearch cluster on an Instaclustr-managed platform to deploy the necessary security options (for example, password complexity in the Instaclustr console). There are other customer responsibilities involved in achieving full compliance. See more details Instaclustr support page.

Share this article

Make sharing


Please enter your comment!
Please enter your name here