Data protection

OSS buckets without SSE-KMS encryption

Platform(s)
Compliance Frameworks
  • AliCloud CIS
    • ,
  • Brazilian General Data Protection (LGPD)
    • ,
  • CCM-CSA
    • ,
  • CCPA
    • ,
  • cis_8
    • ,
  • coppa
    • ,
  • CPRA
    • ,
  • Data Security Posture Management (DSPM) Best Practices
    • ,
  • iso_27001_2022
    • ,
  • iso_27002_2022
    • ,
  • Mitre ATT&CK
    • ,
  • mpa
    • ,
  • New Zealand Information Security Manual
    • ,
  • NIST 800-171
    • ,
  • NIST 800-53
    • ,
  • PDPA
    • ,
  • pipeda

Description

Alibaba Cloud OSS (Object Storage Service) provides storage service to your files and data in the account. The files are stored in containers called buckets. It was detected that the OSS bucket {AliCloudOssBucket} doesn't use SSE-KMS encryption. Server-side encryption protect your data at rest and reduce the possibility of it being exposed.
Need help?

Get a free Security Risk Assessment. Start today

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo