I spend a lot of time talking about application-layer encryption (ALE) because I believe it to be the future of data security and application security. However, I often come across two reasons why people aren't ready to adopt ALE.
They think transparent disk encryption is "good enough," which is incredibly frustrating because it does very little on servers that run 24/7 (see diagram below).
They have legitimate concerns about being able to use sensitive data once it's encrypted.
Cloaked Search encrypts sensitive data before it goes to the search service. Only those with the correct key are able to search over the data. To unauthorized users without the key, including cloud platform administrators, the search index holds meaningless data.
Cloaked Search drops in front of the most popular search services in use today, including Elasticsearch and OpenSearch. It can be configured to protect any fields and indices desired.
What's new?
The next generation of Cloaked Search from IronCore Labs includes:
Batch Indexing: Batch indexing is supported for Elasticsearch and OpenSearch, in addition to the already supported single-document indexing. Batch indexing provides a smoother onboarding process and increases performance for customers indexing many documents at once.
Multi-index Support: Multi-index support allows customers to search across multiple protected indices in a single query.
Subdocument Support: Object field type support allows customers to utilize nested data structures within a JSON document. Fields are able to hold and protect sub-documents, allowing for richer indexing and search use cases.
Advanced JSON Query Support: Allows queries to be made using advanced JSON syntax for more granular search abilities and flexibility.
Performance Enhancements: Improvements in the Cloaked Search product have decreased indexing times for documents.
Configuration File Changes: Cloaked Search configuration settings now better align with Elasticsearch and OpenSearch configuration settings to simplify onboarding, setup, and maintenance.
Type-ahead search: Cloaked Search now supports native type-ahead, including single-character autocomplete.
Free trials are available and can be found here along with pricing information.
As an OpenSearch partner, we were excited this month to be featured on the OpenSearch blog where I went into greater detail about why you should be encrypting your data in search services like OpenSearch and how Cloaked Search works.
If you have questions about searching on encrypted data or how your unique use case would benefit from application-layer encryption, let's talk.
.png?upscale=true&width=1200&upscale=true&name=Newsletter%20-%20Nov%202022%20(1).png)
