Announcing Payment Card Industry Data Security Standard (PCI DSS) compliance for Elastic Cloud

Elastic has announced that its Elastic Cloud services are now compliant with the Payment Card Industry Data Security Standard (PCI DSS), allowing cardholder data to be stored across all Elastic Cloud regions in a secure manner. PCI DSS provides security standards for organizations that handle cardholder data, requiring robust access controls, vulnerability management, and regular network monitoring. Elastic achieved this compliance after a Level 1 Service Provider assessment by a third-party auditor, as recognized by the PCI Security Standards Committee’s Cloud Computing Guidelines. Customers can request the PCI Responsibility Matrix and the PCI DSS Attestation of Compliance (AOC), which demonstrate Elastic's adherence to security best practices. These documents outline the shared compliance responsibilities between Elastic and its customers, and customers are encouraged to contact their Account Executive for further details if their use case involves PCI DSS compliance.