Skip to main content
Login
Start free trialContact Sales

New

The executive guide to generative AI

Read more
About usPartnersSupport|Login
Blog
icon-rss-feed-24.svg

Building trust through compliance: Achieving IRAP Protected Level assessment for Elastic Cloud

By

Abby Zumstein

irap.jpeg

Elastic consistently delivers secure, reliable, and compliant solutions. Today, we are thrilled to announce that we have reached a significant achievement in expanding support for our Australian public sector and critical infrastructure customers: We have completed our assessment against the Information Security Registered Assessors Program (IRAP) at the Protected Level!

What is IRAP?

IRAP helps Australian government and public sector and critical infrastructure organizations validate that sufficient controls are in place for their cloud service providers. IRAP is a rigorous assessment framework developed by the Australian Cyber Security Centre (ACSC). It ensures that cloud services meet stringent government security requirements, especially for handling sensitive data.

Achieving the Protected Level means our platform can securely manage sensitive information, including data that is critical to government agencies.

IRAP logo

Why we pursued IRAP assessment

For us, pursuing IRAP wasn’t just about compliance; it was also about reinforcing our commitment to building trust with our customers. With cybersecurity threats evolving daily, we recognize that robust security is not just a feature — it’s a responsibility.

By attaining IRAP certification, we’re proving to organizations in Australia and beyond that our platform meets the highest standards for protecting sensitive information. Whether you’re a government agency, a private enterprise, or a small business with strict security requirements, you can count on us to deliver solutions that prioritize your data’s safety.

What this means for our customers

  • Enhanced security assurance: IRAP guarantees that Elastic Cloud has undergone rigorous assessments by qualified experts and meets stringent security controls.

  • Support for government workloads: Our platform is now validated to support workloads at the Protected Level, opening new opportunities for collaboration with government agencies.

  • Ongoing commitment: IRAP isn’t a “set it and forget it” milestone. Maintaining compliance requires continuous monitoring, updates, and alignment with evolving security standards.

What’s the scope of our assessment?

We assessed all three available cloud service providers — AWS, GCP, and Azure — for the Elastic Cloud to continue to provide flexibility of cloud hosting choice for our customers. Currently, the following regions for Elastic Cloud Hosted are in scope:

  • GCP: gcp-australia-southeast1

  • Azure: azure-australiaeast

  • AWS: ap-southeast-2

As the Elastic Cloud Hosted and Serverless presence in Australia expands, we intend to include those regions within the scope of our IRAP assessment.

Looking ahead

As exciting as this milestone is, it’s just the beginning. Security and compliance are ongoing commitments, and we’re always looking for ways to enhance our capabilities and deliver even greater value to our customers.

To learn more about our full portfolio of compliance certifications, visit our Trust Center. If you’re curious about how Elastic Cloud can support your organization’s needs, please contact us today.

The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.

Sign up for Elastic Cloud free trial

Spin up a fully loaded deployment on the cloud provider you choose. As the company behind Elasticsearch, we bring our features and support to your Elastic clusters in the cloud.

Start free trial