Specific Encyption at Rest Algorithm?

tensor · November 4, 2022, 5:11pm

Hi

One of our customers is insisting we provide evidence of encryption used by our third party processors (which includes Elastic).

I can find published statements that data is encrypted at rest in the SOC-3 compliance document (https://www.elastic.co/pdf/elasticsearch-service-soc-3.pdf) and in the technical FAQs (Securing your deployment | Elasticsearch Service Documentation | Elastic) however neither of these nor any other searches I do specify specifically the algorithm used. Can someone please confirm and ideally provide a link to a published Elastic document that specifies, say, AES256?

We are using ElasticCloud hosted on Azure, with clusters at version 8.4.2

stephenb · November 4, 2022, 7:26pm

Hi @tensor ,

I would reach out to your account team or perhaps support to get a specific / official response as I / we cannot (and should not) make an official statement here on the discuss forum especially with respect to security and compliance that you report to your customer.

Your Account Team should be able to get you that answer.

system · December 2, 2022, 7:26pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.