---
names:
  full: AWS EFS File System encryption is not enabled
  contextual: File System encryption is not enabled
description: EFS data should be encrypted at rest using AWS KMS (Key Management Service)
type: COMPLIANCE_POLICY
categories:
  - SECURITY
frameworkMappings:
  - "/frameworks/cis-aws-v7.0.0/03/03/01"
  - "/frameworks/cloudaware/resource-security/data-encryption"
  - "/frameworks/aws-fsbp-v1.0.0/efs/08"
  - "/frameworks/aws-well-architected/sec/08/02"
similarPolicies:
  internal:
    - dec-x-966d3183
  cloudConformity:
    - url: https://www.trendmicro.com/cloudoneconformity/knowledge-base/aws/EFS/encryption-enabled.html
      name: EFS Encryption Enabled
  awsSecurityHub:
    - name: "[EFS.8] EFS file systems should be encrypted at rest"
      url: "https://docs.aws.amazon.com/securityhub/latest/userguide/efs-controls.html#efs-8"