Data protection

OSS buckets encryption without BYOK method

Platform(s)
Compliance Frameworks
  • AliCloud CIS
  • ,
  • Brazilian General Data Protection (LGPD)
  • ,
  • CCM-CSA
  • ,
  • CCPA
  • ,
  • cis_8
  • ,
  • coppa
  • ,
  • CPRA
  • ,
  • Data Security Posture Management (DSPM) Best Practices
  • ,
  • iso_27001_2022
  • ,
  • iso_27002_2022
  • ,
  • Mitre ATT&CK
  • ,
  • mpa
  • ,
  • New Zealand Information Security Manual
  • ,
  • NIST 800-171
  • ,
  • NIST 800-53
  • ,
  • PDPA
  • ,
  • pipeda

Description

Alibaba Cloud OSS (Object Storage Service) provides storage service to your files and data in the account. The files are stored in containers called buckets. It was detected that the OSS bucket {AliCloudOssBucket} is not configured to use BYOK (Bring Your Own Key) method. BYOK helps you to better control encryption keys by choosing the key material yourself. When creating a KMS key you can select the Alibaba Cloud as the source of your material or you can select external key material.