Help Net Security
Originally published at

Product Showcase: Searchable Encryption in Elasticsearch and OpenSearch

When it comes to sensitive data, search services are the ultimate treasure trove for hackers. Why slowly sift through information when a search service has indexed it all for you?

Mistakes are inevitable and cloud misconfigurations are the number one cause of data breaches. The number two cause is leakage of insider credentials. In either case, having your sensitive data encrypted can provide the defense-in-depth you need to prevent a mistake from becoming a catastrophe.

Application-layer encryption (ALE) is a data protection pattern that encrypts data before it goes to the data store. Cloaked Search by IronCore Labs uses ALE to protect your search data by ensuring that the data it holds is protected from unauthorized access even while the service is running.

This can be useful if you distrust your cloud provider, need to meet data residency requirements, need to show security by design, or just want to be a good steward of the sensitive information you hold.

Companies use Cloaked Search to protect customer data, personally identifiable information, enterprise search, logs, insider information, and to prevent ransomware extortion.

  • Cloaked Search is a transparent proxy that encrypts data before it goes to Elasticsearch or OpenSearch while still allowing you to search that data; no plugins required
  • Choose which indices and fields to encrypt while the rest pass through normally, so you can start with your most sensitive data and expand over time
  • Perfect as a PET (privacy enhancing technology) for safeguarding personal information and complying with global privacy laws and data sovereignty concerns
  • Protects against breaches, unauthorized insider access, injection attacks, and cloud misconfigurations

Read the rest on Help Net Security.

More great reads