Amazon ElastiCache for Redis now PCI DSS compliant, allows process sensitive payment card data in-memory for faster performance

Amazon Web Services announced Tuesday that its Amazon ElastiCache for Redis has achieved Payment Card Industry Data Security Standard (PCI DSS) that enables users to use ElastiCache for Redis for low-latency and high-throughput in-memory processing of sensitive payment card data, such as Customer Cardholder Data (CHD). ElastiCache for Redis is a Redis-compatible, fully-managed, in-memory data store and caching service in the cloud. It delivers sub-millisecond response times with millions of requests per second.

To create a PCI-Compliant ElastiCache for Redis cluster, you must use the latest Redis engine version 4.0.10 or higher and current generation node types.

The service offers various data security controls to store, process, and transmit sensitive financial data. These controls include in-transit encryption (TLS), at-rest encryption, and Redis AUTH. There’s no additional charge for PCI DSS compliant ElastiCache for Redis.

ElastiCache for Redis has multiple features to enhance reliability for critical production deployments including automatic detection and recovery from cache node failures; multi-AZ with automatic failover of a failed primary cluster to a read replica in Redis clusters that support replication; and Redis (cluster mode enabled) supports partitioning of data across up to 15 shards.

Redis version 3.2.6 supports in-transit and at-rest encryption with authentication so you can build HIPAA-compliant applications. Its flexible Availability Zone placement of nodes and clusters for increased fault tolerance, and provides integration with other AWS services such as Amazon EC2, Amazon CloudWatch, AWS CloudTrail, and Amazon SNS to provide a secure, high-performance, managed in-memory caching solution.

With Amazon ElastiCache for Redis, users can start small and scale Redis data as application grows – all the way up to a cluster with 6.1 TiB of in-memory data. It supports online cluster resizing to scale-out and scale-in the Redis clusters without downtime and adapts to changing demand. To scale read capacity, ElastiCache allows users to add up to five read replicas across multiple availability zones. To scale write capacity, ElastiCache supports Redis cluster which enables users to partition their write traffic across multiple primaries.

In addition to PCI, ElastiCache for Redis is a HIPAA eligible service. If the user wants to use existing Redis clusters that process healthcare information to also process financial information, while meeting PCI requirements, they must upgrade Redis clusters from 3.2.6 to 4.0.10. Meeting these high bars for security and compliance means ElastiCache for Redis can be used for secure database and application caching, session management, queues, chat/messaging, and streaming analytics in industries as diverse as financial services, gaming, retail, e-commerce, and healthcare.

For example, users can use ElastiCache for Redis to build an internet-scale, ride-hailing application and add digital wallets that store customer payment card numbers, thus enabling people to perform financial transactions securely and at industry standards.


Leave a Reply

WWPI – Covering the best in IT since 1980