Compliance for Elasticsearch

Keep Elasticsearch and Kibana compliant with regulations like GDPR, PCI, SOX, HIPAA and ISO

Search Guard Compliance Edition
The challenges of data compliance
While the importance of data privacy and compliance is ever increasing, the burden that compliance regulations like GDPR, PCI, HIPAA or SOX put on CISOs and IT operators is high. The regulations cover topics such as data encryption, data integrity, access control, data anonymization, access tracking, data retention and many more. Failure to implement those regulations can lead to fines and damages, and actual data breaches may have a permanent impact on the reputation and business of any company.
Search Guard Compliance Edition
The Search Guard Compliance Edition offers features that make it easy to implement compliance regulations for Elasticsearch, Kibana and the entire Elastic Stack. Sophisticated tools like document change tracking, document integrity protection and field anonymization significantly ease the pain of adhering to GDPR, PCI, HIPAA or SOX.

Data encryption

Search Guard enforces TLS encryption for all data in transit. This ensures data protection and data integrity, and makes sure only trusted parties are able to read sensitive data. Search Guard also supports like dm-crypt, EcryptFS for encryption at rest.

Fine-grained access control to all data

Search Guard blocks any unauthorized access to any information inside Elasticsearch. With our fine-grained role-based access control system you are always in control over who is able to read and modify data. This applies to indices, documents, and even single fields.

Data access tracking and change tracking

Search Guard produces and audit trail that records who has created, accessed and modified senstive data. In an compliance audit you can exactly state when, by whom and why this data has been entered and processed.

Data anonymization

Not all data that is being recorded has to present for everyone to see in clear text at all times. Search Guard supports on-the-fly data anonymization on a per-role basis. At any time you decide who is allowed to see clear text data and who should see anonymized data only. All Elasticsearch data aggregation and analysis features continue to work also on anonymized data.

Right to be forgotten

Customers can demand that PII data that is not required for ongoing business activites must be deleted. With the Search Guard Compliance Edition you can now record any PII data deletion for future proof this 'right to be forgotten has' been applied correctly.
checkmark icon
Data Encryption
Search Guard encrypts all the traffic inside your Elasticsearch cluster, shields from data breaches and ensures the integrity of your data.
certificate icon
Data Anonymization
Search Guard provides role-based access control to all data stored in your Elasticsearch cluster. Control exactly which users can access PII or other sensitive data in cleartext or anonymized.
shield icon
Audit Trails
Search Guard generates audit trails on who has created, modified, accessed and deleted PII and other sensitive data in your Elasticsearch cluster.
Questions? Contact Us!
your message
newsletter
This form collects your name and email. Please take a look in our privacy policy for a better understanding on how we protect and manage your submitted data.
Give the Search Guard Compliance Edition a spin!

Give the Search Guard Compliance Edition a spin!

Follow these simple steps to install Search Guard on your Elasticsearch cluster.
arrow icon
follow us
twitter iconfacebook iconlinkedIn iconyoutube icon
Search Guard Newsletter
For the latest product developments, new versions and cybersecurity news, sign up to our newsletter.