I am trying to encrypt the Elasticsearch data. Are there any native methods to encrypt the data? I studied about Elasticsearch supporting dm-crypt, but there are no proper supporting documents on how it is being implemented. Also, my clients need free/opensource alternatives to Shield/X-Pack.
TIA.
Amazon Elasticsearch Service now supports encryption of data at rest and node-to-node encryption on existing domains, enabling organizations hosting sensitive workloads to meet stringent security and compliance requirements.
Encrypting data at rest is vital to data protection, and the practice reduces the likelihood of data loss or theft in cases of: A data breach. Lost or stolen devices. Inadvertent password sharing.
The Encryption at Rest designs in Azure use symmetric encryption to encrypt and decrypt large amounts of data quickly according to a simple conceptual model: A symmetric encryption key is used to encrypt data as it is written to storage.
AWS provides the tools for you to create an encrypted file system that encrypts all of your data and metadata at rest using an industry standard AES-256 encryption algorithm .
What is the supposed behaviour for encryption? Be able to search against encrypted data or just store some sensitive fields (e.g. PII) encrypted?
First of all, consider removing your sensitive data from ELK stack, as it isn't a reliable place to store it there. Detach it (just remove and store somewhere else or tokenize, if you want to have a link to it) or obfuscate before pushing to ELK.
As an alternative to performing encryption by means of Elasticsearch or its plugins, you can encrypt your data in the application that pushes data to ES in advance and just keep a couple of index fields (which are going to be used to search by) in plain text. E.g.
{
"index_field" : "John Doe", // plain text to search by
"address" : "s3_34$af78...", // encrypted
"passport" : "3%75O9gfjdg4%...", // encrypted
...
}
That depends on your specific application, however in some cases solving encryption & key management questions would be much easier than looking for a particular solution e.g. for ES.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With