gcf-sources-853160546542-us-central1

Overview
Critical
0
High
1
Medium
4
Low
0
Informational
0
Security issues (5)
Severity Non-Compliance Issue Remediation Read more Action
High PCI DSS 3.5 HIPAA (Encryption) Storage bucket is not encrypted using Customer-Managed Keys (CMK). To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure your storage buckets are encrypted using CMK. More info
Medium Storage bucket does not use lifecycle management rules to manage objects during their lifetime. To optimize your data for storage costs, make sure your storage buckets are using lifecycle management rules to manage objects during their lifetime. More info
Medium PCI DSS 10.2 HIPAA (Audit) Storage bucket has no logging enabled. To fulfill HIPAA requirements for logging of all activity including access and actions taken, enable logging for your storage buckets by using "gsutil logging set on" command More info
Medium CIS 2.3 Storage bucket has no retention policy. For security and compliance purposes, ensure that the objects stored within your storage buckets have a sufficient data retention period. More info
Medium Storage bucket does not have object versioning enabled. To protect your object data from being overwritten or accidentally deleted, ensure that object versioning is enabled for all your storage buckets. More info