ElastiCache Redis In-Transit or At-Rest not Encrypted

Network misconfigurations

ElastiCache Redis In-Transit or At-Rest not Encrypted

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

CCM-CSA
cis_8
GDPR
HIPAA
HITRUST
ISO 27701
NIST 800-53
Orca Best Practices

Description

ElastiCache makes it easy to set up, manage, and scale distributed in-memory cache environments in the Cloud. It provides a high performance, resizable, and cost-effective in-memory cache. It was detected that the Elasticache cluster has disabled In-Transit and At-Rest Encryption. Data encryption helps prevent unauthorized users from reading sensitive data available on your Redis clusters and their associated cache storage systems.

Recommended Mitigation

It is recommended to enable In-Transit and At-Rest encryption when creating a cluster. Enabling encryption can have some performance impact. For more information: https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/encryption.html

ElastiCache Redis In-Transit or At-Rest not Encrypted

Description

Need help?