Snapshot is not using customer-managed KMS keys

Data protection

Snapshot is not using customer-managed KMS keys

Platform(s)

Compliance Frameworks

CCM-CSA
Data Security Posture Management (DSPM) Best Practices
iso_27001_2022
iso_27002_2022
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53

Description

GCP Snapshot is able to capture a disk state at a particular point in time, which can be later restored to a new disk. We identified a Snapshot '{GcpVmSnapshot}' that was encrypted using default encryption keys managed by Google and not using customer-managed encryption keys (CMEK) which enable more control over the encryption keys.

Demo the Orca Platform-> In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.

Snapshot is not using customer-managed KMS keys

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS