Hype Cycle Data Privacy-bl
Hype Cycle Data Security-bl

How to Protect PII/PHI in Elasticsearch in One Hour and for the Price of Dinner

Why consider this?

Securing data-at-rest and in-motion accounts for 2% of the data lifecycle. For 98% of the time, PII/PHI is utilized in clear text. This is where all the exposure takes place and also the reason why we see billions of PII records lost each year. Compromised credentials and human error continuously expose data-in-use and data inside indices. This is also the hardest threat vector to have a plan for. Until now. Titaniam was built to address this gap.

What are the pre-requisites?

Organizations who store and process sensitive data of any kind on an Elasticsearch backend. Any version. Any distro. For other data platforms it take longer than one hour i.e. a few weeks

What are the steps involved?

  1. Install Titaniam Protect plugin for Elasticsearch (1 minute)
  2. Identify fields that need to be protected (10 mins, you know your schema)
  3. Select from five types of protection (44 mins or faster we think, see table below)
  4. Add Titaniam ingest processor to the pipeline specifications (5 mins)
  5. For timeseries data you are done
  6. For static data send protected data to an alias to see results

Redacted: For sensitive data that should not have been there in the first place

Tokenized: For sensitive data that needs to be transacted  but not analyzed

Encrypted: For sensitive data that does not need to be indexed for search

Entangled: For sensitive data that needs to be indexed, searched, analyzed

Masked: For sensitive data that needs to be indexed, searched, analyzed

For sensitive data that is protected but still masked for display

What happens to upstream data sources and downstream apps?

  1. Data Sources: Nothing. Ingest pipelines and processes stay as they are. Titaniam Protect intercepts ingest stream transparently.
  2. Apps: They become automatically secure and private. PII/PHI is still available for search and manipulation but does not exist in clear text anywhere in the system or application. It can be recreated as needed but is never persisted. It is as simple as selecting the right field type.

What does it cost?

Protecting one Elasticsearch node for one month is the cost of a dinner.

*Deployment times in the headline are on the happy path