EC2 Instance is using an unencrypted volume

Data protection

EC2 Instance is using an unencrypted volume

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
coppa
CPRA
CSA CCM
Data Security Posture Management (DSPM) Best Practices
GDPR
HITRUST
ISO/IEC 27001
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-190
NIST 800-53
Orca Best Practices
PDPA

Description

The asset {AwsEc2Instance} ({AwsEc2Instance.InstanceId}) is using one or more volumes which are not encrypted ({AwsEc2Instance.Ec2EbsVolumes}). It means that in a case of an attack, the data on the volume is potentially insecure.

Recommended Mitigation

Enable encryption for EBS volumes. See more here: <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default</a>

EC2 Instance is using an unencrypted volume

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS