AWS OpenSearch Security
Portal26’s OpenSearch Security Plugin
What do you get when you protect the industry's best search platform with the industry's most advanced data protection solution?
You get solutions for the most urgent of security needs, ransomware and extortion defense.
Enable Security In Amazon OpenSearch
Use Portal26 to make your OpenSearch ransomware and extortion proof
Portal26, maker of the industry’s most advanced data protection solutions, has partnered with Amazon OpenSearch, the industry’s best open source enterprise search platform, to produce the industry’s only search solution that stands up to ransomware, extortion, and data breach.
The Importance of OpenSearch Encryption
We recognize that the single most important data protection tool in our toolbox is encryption. It is on the basis of encryption that we sleep at night while our valuable data flows through networks and resides in innumerable data stores.
We are also aware that these days we are no longer able to rely on the protection provided by encryption to keep valuable data safe. This is because our ability to encrypt data has traditionally been limited to data-at-rest and data-in-transit.
When it comes to actually utilizing data i.e. data-in-use, encryption has to come off and data has to be transacted and manipulated in clear text. Modern day attackers rely on hijacked or stolen credentials to bypass encryption at rest and other security mechanisms. With credentials in hand they access this valuable data-in-use and leave undetected through the front door. In this attack scenario, data-at-rest or data-in-transit encryption is simply not of any use.
Nowhere is this more dangerous than in the world of enterprise search. Conducting search and analytics on vast quantities of data requires the indexing and persisting of this data in clear text inside enterprise search platforms such as OpenSearch.
These platforms are the perfect targets for data hungry ransomware and extortion actors, who either look for misconfigured clusters or steal admin credentials. Once inside, they exfiltrate and use this data to extort their victims, customers and partners of their victims, and eventually leak and sell the data to other cyber criminals on the dark web. Portal26 is finally here to put an end to all that.
Securing Enterprise Search - Portal26’s Features
Ransomware and extortion attacks on Portal26 enabled OpenSearch are simply met with shrugs…
Here is how we make that possible:
All this means that even if attackers find their way to your OpenSearch you can rest easy knowing that any data that is retrieved from your OpenSearch will retain encryption.
How does a legitimate user get clear text out of a Portal26 enabled OpenSearch?
Portal26 enabled OpenSearch facilitates a number of controlled release processes including direct whitelisting and controlled release via pre-integrated proxy or translation service. All release configurations are defined at the granular field level and you can set up different fields to behave differently.
With all this advanced data protection capability available via a simple plug-in, end-to-end ransomware and extortion defense consists of two simple steps:
1. For Data Extortion Defense: Deploy OpenSearch with the Portal26 Plugin
2. For Defense against System Lockup: Connect Portal26 enabled OpenSearch to the secure backup solution of your choice. Our reference architectures and demos include AWS backups.
In the event of successful ransomware attacks on Portal26 enabled OpenSearch follow these steps:
1. Restore Portal26 enabled OpenSearch from backup
2. Ignore ransom demands for exfiltrated data
BYOK Enablement for SaaS Operators and MSPs
If you operate a SaaS service with Opensearch as the backend, and sell your services to other enterprises, you are likely in for another pleasant surprise.
Enterprises across the globe are demanding BYOK from their SaaS providers. BYOK is the ability for the enterprises (customer organizations) to supply, manage and control their own encryption key that is being used to protect their sensitive data.
Portal26 Plugin immediately brings this much sought BYOK capability to any Opensearch cluster that it protects. SaaS operators can unleash this powerful protection without making any code changes to their application and gain traction in financial service, healthcare, government and other such highly regulated sectors.