💼 CC6.1-10 Uses Encryption to Protect Data
- ID:
/frameworks/soc-2/cc6/01/10
Description
The entity uses encryption to supplement other measures used to protect data-at-rest, when such protections are deemed appropriate based on assessed risk.
Similar
- Internal
- ID:
dec-c-46748ea9
- ID:
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (11)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS Account EBS Volume Encryption Attribute is not enabled in all regions🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EFS File System encryption is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS KMS Symmetric CMK Rotation is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS RDS Instance Encryption is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Unattached Managed Disk is not encrypted with Customer-managed key🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Virtual Machine OS and Data disks are not encrypted with Customer-managed key🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google BigQuery Dataset is not encrypted with Customer-Managed Encryption Key (CMEK)🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google BigQuery Table is not encrypted with Customer-Managed Encryption Key (CMEK)🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Dataproc Cluster is not encrypted using Customer-Managed Encryption Key🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google GCE Disk for critical VMs is not encrypted with Customer-Supplied Encryption Key (CSEK)🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google GCE Instance Confidential Compute is not enabled🟢 | 1 | 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-0bdcd276 | 1 | |
| ✉️ dec-x-4d6fee7a | 1 | |
| ✉️ dec-x-6ba5ecd2 | 1 | |
| ✉️ dec-x-9cdb7407 | 1 | |
| ✉️ dec-x-966d3183 | 1 | |
| ✉️ dec-x-f63fd4f0 | 1 |