Data protection

OSS buckets without SSE-KMS encryption

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Alibaba Cloud OSS (Object Storage Service) provides storage service to your files and data in the account. The files are stored in containers called buckets. It was detected that the OSS bucket {AliCloudOssBucket} doesn't use SSE-KMS encryption. Server-side encryption protect your data at rest and reduce the possibility of it being exposed.
  • Recommended Mitigation

    It is recommended to configure server-side encryption with KMS (SSE-KMS) to protect your data at rest.