OSS buckets without SSE-KMS encryption

Data protection

OSS buckets without SSE-KMS encryption

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

AliCloud CIS
Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
coppa
CPRA
Data Security Posture Management (DSPM) Best Practices
ISO/IEC 27001
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA

Description

Alibaba Cloud OSS (Object Storage Service) provides storage service to your files and data in the account. The files are stored in containers called buckets. It was detected that the OSS bucket {AliCloudOssBucket} doesn't use SSE-KMS encryption. Server-side encryption protect your data at rest and reduce the possibility of it being exposed.

Recommended Mitigation

It is recommended to configure server-side encryption with KMS (SSE-KMS) to protect your data at rest.

OSS buckets without SSE-KMS encryption

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS