AWS SageMaker notebook instance not configured with data encryption at rest using KMS key

Data protection

AWS SageMaker notebook instance not configured with data encryption at rest using KMS key

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
coppa
CPRA
GDPR
HITRUST
ISO/IEC 27001
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

AWS SageMaker is a service that enables to create, train, and deploy machine-learning models in the cloud. AWS SageMaker notebook instance provides a Jupyter notebook app through a fully managed machine learning AWS EC2 instance, and used to perform advanced data exploration. It was found that the AWS SageMaker notebook instance {AwsSagemakerNotebookInstance} is not encrypted at rest using AWS KMS.

Recommended Mitigation

Ensure that your SageMaker notebook instance storage volumes are encrypted at rest with Amazon KMS Key. Please note that in order to enable data encryption for an existing AWS SageMaker notebook instance, you must re-create that notebook instance with the necessary encryption configuration. for more information: <a href="https://docs.aws.amazon.com/sagemaker/latest/dg/encryption-at-rest-nbi.html." target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/sagemaker/latest/dg/encryption-at-rest-nbi.html.</a>

AWS SageMaker notebook instance not configured with data encryption at rest using KMS key

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS