Skip to main content

💼 54 Cryptographic techniques can be used to control access to sensitive data, both in storage and in transit. The strength of the cryptographic techniques deployed would be commensurate with the sensitivity and criticality of the data as well as other supplementary or compensating controls (refer to Attachment E for further guidance).

  • ID: /frameworks/apra-cpg-234/21/54

Description

Empty...

Similar

  • Internal
    • ID: dec-c-cef1428a

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (22)

PolicyLogic CountFlagsCompliance
🛡️ AWS Account EBS Volume Encryption Attribute is not enabled in all regions🟢1🟢 x6no data
🛡️ AWS CloudFront Web Distribution Cache Behaviors allow unencrypted traffic🟢1🟢 x6no data
🛡️ AWS CloudFront Web Distribution does not encrypt traffic to Custom Origins🟢1🟢 x6no data
🛡️ AWS CloudFront Web Distribution uses outdated SSL protocols with Custom Origins🟢1🟢 x6no data
🛡️ AWS DMS Endpoint doesn't use SSL🟢1🟢 x6no data
🛡️ AWS EFS File System encryption is not enabled🟢1🟢 x6no data
🛡️ AWS S3 Bucket Policy is not set to deny HTTP requests🟢1🟢 x6no data
🛡️ Azure App Service FTP deployments are not disabled🟢1🟢 x6no data
🛡️ Azure App Service HTTPS Only configuration is not enabled🟢1🟢 x6no data
🛡️ Azure App Service Minimum TLS Version is not set to TLS 1.2 or higher🟢1🟢 x6no data
🛡️ Azure Diagnostic Setting Logs export to Storage Account not encrypted with Customer-managed key🟢1🟢 x6no data
🛡️ Azure MySQL Flexible Server require_secure_transport Parameter is not set to ON🟢1🟢 x6no data
🛡️ Azure MySQL Flexible Server TLS Version is not set to TLS 1.2🟢1🟢 x6no data
🛡️ Azure PostgreSQL Flexible Server require_secure_transport Parameter is not set to ON🟢1🟢 x6no data
🛡️ Azure PostgreSQL Single Server Enforce SSL Connection is not set enabled🟢1🟢 x6no data
🛡️ Azure PostgreSQL Single Server Infrastructure Double Encryption is not enabled🟢1🟢 x6no data
🛡️ Azure Storage Account Minimum TLS Version is not set to TLS 1.2 or higher🟢1🟢 x6no data
🛡️ Azure Storage Account Require Infrastructure Encryption is not enabled🟢1🟢 x6no data
🛡️ Azure Storage Account Secure Transfer Required is not enabled🟢1🟢 x6no data
🛡️ Azure Storage Account With Critical Data is not encrypted with customer managed key🟢⚪🟢 x2, ⚪ x1no data
🛡️ Azure Unattached Managed Disk is not encrypted with Customer-managed key🟢1🟢 x6no data
🛡️ Azure Virtual Machine OS and Data disks are not encrypted with Customer-managed key🟢1🟢 x6no data

Internal Rules

RulePoliciesFlags
✉️ dec-x-0bdcd2761
✉️ dec-x-2ace19521
✉️ dec-x-5c3c20671
✉️ dec-x-6ed261671
✉️ dec-x-9cdb74071
✉️ dec-x-14f5fc251
✉️ dec-x-75db76ad1
✉️ dec-x-791dab131
✉️ dec-x-966d31831
✉️ dec-x-3181f3591
✉️ dec-x-4002ecfe1
✉️ dec-x-995424b72
✉️ dec-x-a4e033891
✉️ dec-x-aeac09d61
✉️ dec-x-aef11ebd1
✉️ dec-x-b94bd3681
✉️ dec-x-c0a7793e1
✉️ dec-x-c2bf987a1
✉️ dec-x-d5fbfc401
✉️ dec-x-d95ea48b1
✉️ dec-x-f63fd4f01