Evaluates whether server-side encryption is enabled for your File Storage NAS (NAS) file systems.
Scenarios
NAS supports server-side encryption, automatically encrypting data stored in file systems and decrypting it when accessed. If you have high data security or compliance requirements, we recommend that you enable this feature.
Risk level
Default risk level: low.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
-
If server-side encryption is enabled for your NAS file systems, the evaluation result is Compliant.
-
If server-side encryption is disabled for a NAS file system, the evaluation result is Non-compliant. For more information about how to remediate a non-compliant configuration, see Non-compliance remediation.
Rule details
|
Item |
Description |
|
Rule name |
nas-filesystem-encrypt-type-check |
|
Rule identifier |
nas-filesystem-encrypt-type-check |
|
Tag |
NAS and FileSystem |
|
Automatic remediation |
Not supported |
|
Trigger type |
Configuration change |
|
Supported resource type |
NAS file system |
|
Input parameter |
N/A |
Non-compliance remediation
Find the non-compliant NAS file system and enable server-side encryption for it. For more information, see Server-side encryption.