💼 Data Protection and Recovery

• ID: /frameworks/cloudaware/resource-security/data-protection-and-recovery

Description

Policies for identifying resources that do not protect data from loss or corruption in case of incidents or malicious attacks.

Similar

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (18)

Policy	Logic Count	Flags	Compliance
🛡️ AWS DynamoDB Table Point In Time Recovery is not enabled🟢	1	🟢 x6	no data
🛡️ AWS ElastiCache Redis Cluster automatic backups are not enabled🟢	1	🟢 x6	no data
🛡️ AWS RDS Instance automated backups are not enabled🟢	1	🟢 x6	no data
🛡️ AWS S3 Bucket MFA Delete is not enabled🟠🟢	1	🟠 x1, 🟢 x6	no data
🛡️ AWS S3 Bucket Object Lock is not enabled🟠🟢	1	🟠 x1, 🟢 x6	no data
🛡️ AWS S3 Bucket sensitive data is not discovered, classified, and secured🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ AWS S3 Bucket Versioning is not enabled🟢	1	🟢 x6	no data
🛡️ Azure Databricks Unity Catalog is not configured🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Azure Key Vault Soft Delete and Purge Protection functions are not enabled🟢	1	🟢 x6	no data
🛡️ Azure Resource Lock is not enabled for mission-critical resources🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Azure Storage Account Blob Service Versioning is not enabled🟢	1	🟢 x6	no data
🛡️ Azure Storage Account Cross Tenant Replication is enabled🟢	1	🟢 x6	no data
🛡️ Azure Storage Account uses Delete lock🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Azure Storage Account uses ReadOnly lock🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Azure Storage Blob Containers Soft Delete is not enabled🟢	1	🟢 x6	no data
🛡️ Azure Storage File Shares Soft Delete is not enabled🟢	1	🟢 x6	no data
🛡️ Google BigQuery Sensitive Data Protection is not in use🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Google Cloud SQL Server Instance 3625 (trace flag) Database Flag is not set to on🟢	1	🟢 x6	no data