When data is stored within Elasticsearch, it is easily accessible for search and analytics. This has led to a multitude of use cases with Elasticsearch and Kibana. And often, we have seen in the news that elasticsearch servers can be compromised and data exposed or deleted due to misconfiguration of the setup and the lack of encryption for securing the server data and fields. While Elasticsearch provides powerful search and analytics capabilities, the lack of security can prevent most organizations from using it for search on PII data used for making critical decisions. How can you secure your PII data within Elasticsearch using encryption and rock-solid access controls?
Let's start with what PII means to organizations. So what is Personally Identifiable Information (PII)?
PII is any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual‘s identity, such as name, social security number, date and place of birth, mother‘s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.
What is considered PII?
PII is divided into two categories: linked data and linkable data.
Linked data that can lead us to identify a person personally.
Linkable data is a piece of data that can be used to connect with other data to locate a person individually.
The EU data privacy law – General Data Protection Regulation (GDPR) defines Personal data as the following:
Article 4(1): ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
Please note that GDPR states that even cookies can be considered personal data.
So how can we store PII within Elasticsearch securely in an encrypted manner and safeguard PII or Personal data?
How can we comply with GDPR and regulations and, at the same time, reap the benefits of search, analytics and machine learning?
Field-level data encryption is required within Elasticsearch to store and search all PII fields. SearchBlox can work with you to enable field-level data encryption and search on encrypted fields. If you are ingesting data from a database or flat file or any external source, we can enable field-level encryption to ensure the fields are encrypted in storage, and visible only to the appropriate users with the correct private security key. This solution will ensure compliance with NIST guidelines.
Contact SearchBlox to discuss how we can help you with your PII data security requirements.