πΌ Data Protection and Recovery
- Contextual name: πΌ Data Protection and Recovery
- ID:
/frameworks/cloudaware/resource-security/data-protection-and-recovery - Located in: πΌ Resource Security
Descriptionβ
Policies for identifying resources that do not protect data from loss or corruption in case of incidents or malicious attacks.
Similarβ
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (10)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS S3 Bucket MFA Delete is not enabled π π’ | 1 | π x1, π’ x6 |
| π AWS S3 Bucket Object Lock is not enabled π π’ | 1 | π x1, π’ x6 |
| π AWS S3 Bucket sensitive data is not discovered, classified, and secured π’ | π’ x3 | |
| π AWS S3 Bucket Versioning is not enabled π’ | 1 | π’ x6 |
| π Azure Key Vault Soft Delete and Purge Protection functions are not enabled π’ | 1 | π’ x6 |
| π Azure Storage Account Cross Tenant Replication is enabled π’ | 1 | π’ x6 |
| π Azure Storage Blob Containers Soft Delete is not enabled π’ | 1 | π’ x6 |
| π Google BigQuery Sensitive Data Protection is not in use π’ | π’ x3 | |
| π Google Cloud SQL Server Instance 3625 (trace flag) Database Flag is not set to on π’ | 1 | π’ x6 |
| π Mission-Critical Azure Resources do not use Resource Locks π’ | π’ x3 |