Data at risk

MemoryStore Redis instance is not in-transit encrypted

Platform(s)
Compliance Frameworks

Brazilian General Data Protection (LGPD), CCM-CSA, CCPA, cis_8, coppa, CPRA, hdh, ISO 27701, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, mpa, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, PDPA, pipeda

Description

GCP MemoryStore is a service that allows you to construct your apps by using open source caching engines: Memcached or Redis. Memorystore is protocol compliant and supports both caching engines. It was detected that GCP Redis instance {GcpRedisInstance} is not in-transit encrypted. In-transit encryption using HTTPS (TLS) protocol helps to prevent potential attackers from eavesdropping or manipulating network traffic using attacks such as man-in-the-middle. However, take into account that in-transit encrypting data might have an impact on performance.
Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo