Redwood City, California – February 18, 2020 – Instaclustr, the leading provider of fully managed solutions for scalable open source technologies, today announced it has achieved PCI-DSS certification across its managed Apache Cassandra and Apache Kafka services running in AWS. This PCI-DSS certification adds to Instaclustr’s existing SOC 2 accreditation, ensuring that even customers with the most stringent security requirements can utilize Instaclustr’s expertly managed open source data-layer solutions with absolute confidence.
The PCI-DSS (Payment Card Industry Data Security Standard) is the payment card industry’s mandated information security standard and applies to all organizations that store, process, and/or transmit cardholder data. PCI-DSS certification requirements dictate that all system components either within the cardholder data environment or with access to it must feature specific and strict technical, physical, and operational security controls. Beyond applications directly involving finance and payment card transactions, PCI-DSS controls are currently seeing increased adoption across other industries, as the recognized “gold standard” for security practices.
Instaclustr engaged in the most significant singular engineering project in the company’s history to achieve PCI-DSS certification, investing months and several person-years of expert engineering effort to implement more than 100 changes and further secure every aspect across Instaclustr’s many systems. With the successful completion of this involved security project, enterprise customers utilizing any product or platform supported by Instaclustr now benefit from these myriad security improvements and enhancements – even those that do not specifically require PCI-DSS compliant environments.
Some of the most important security improvements introduced as part of the PCI-DSS certification effort include:
- A more secure administration access environment, with technical controls preventing data egress via Instaclustr’s admin systems.
- Improved logging and auditing infrastructure.
- Hardened operating system and tighter cryptographic standards.
- A newly-added web application firewall protecting Instaclustr’s console and APIs.
- Enhanced automated scanning, and tightened resolution policies for remediating code dependency vulnerabilities.
- More frequent security scanning of Instaclustr’s central management systems.
- More robust and intensive developer security training.
“By achieving PCI-DSS certification, Instaclustr continues to take a proactive approach to advanced security measures, staying ahead of the curve on key security features and compliance certifications – it’s something we take very seriously,” said Ben Slater, CPO, Instaclustr. “Doing so enables our customers to build their innovative applications on scalable, fully open source data-layer technologies with complete confidence. We’re proud to see our dedicated efforts to implement PCI-DSS-compliant practices achieve certification, and we are excited to introduce new customers requiring PCI-DSS certification to the benefits of our managed Apache Cassandra and Apache Kafka offerings in AWS.”
Customers requiring full PCI-DSS compliance can opt-in when creating a cluster on the Instaclustr managed platform to enable the required security options (including the use of Private Network Clusters, password complexity in the Instaclustr console, and additional technical controls). Instaclustr customers with existing clusters who are interested in adhering to PCI-DSS compliance should contact [email protected]. For further information or a technical briefing, contact an Instaclustr Customer Success representative or [email protected].
About Instaclustr
Instaclustr delivers reliability at scale through our integrated data platform of open source technologies such as Apache Cassandra®, Apache Kafka®, Apache Spark™ and Elasticsearch. We enable companies to focus internal development and operational resources on building cutting edge customer-facing applications. Instaclustr now has more than 50 million node hours and 5 PB of data under management across its open source technology suite.
For more information, visit Instaclustr.com and follow us @Instaclustr.
-
- In the News
Four New Apache Cassandra 5.0 Features to Be Excited About
-
- Press Release
1 in 3 Enterprise Cloud Migrations Fail: How Can Yours Succeed?
For all of the application and infrastructure modernization incentives spurring enterprises to complete cloud migrations, a daunting number of these initiatives run up against lengthy delays and obstacles—if not outright failure. The oft-cited industry survey from the Cloud Security Alliance is rife with cautionary tales, reporting that just 25% of surveyed organizations completed their cloud migrations on…
-
- Press Release
AI, efficiency and a rise in citizen developers — development predictions for 2024
As with many other areas this year, software development has been greatly influenced by the rise in AI. But that’s not the only area where things are changing. Here’s what some industry experts think the development sector has in store for 2024. Development is an area where the influence of AI is strong, Miten Marfatia,…
-
- Press Release
Why Open Source is the best strategy for platform engineering
Platform engineering is an increasingly popular strategy for improving developer experiences and productivity. Organizations would be smart to use Open Source technologies as the backbone of their implementations. The approach is built around empowering developers with internal developer platforms (IDPs) and flexible, self-service capabilities that accelerate application development and time-to-market. Those capabilities can include cloud…