staging.sylvan-surf-339107.appspot.com
Overview
Critical
0High
1Medium
4Low
0Informational
0Security issues (5)
Severity | Non-Compliance | Issue | Remediation | Read more | Action |
---|---|---|---|---|---|
High | PCI DSS 3.5 HIPAA (Encryption) | Storage bucket is not encrypted using Customer-Managed Keys (CMK). | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure your storage buckets are encrypted using CMK. | More info | |
Medium | PCI DSS 10.2 HIPAA (Audit) | Storage bucket has no logging enabled. | To fulfill HIPAA requirements for logging of all activity including access and actions taken, enable logging for your storage buckets by using "gsutil logging set on" command | More info | |
Medium | CIS 2.3 | Storage bucket has no retention policy. | For security and compliance purposes, ensure that the objects stored within your storage buckets have a sufficient data retention period. | More info | |
Medium | CIS 5.2 | Storage bucket does not have uniform bucket-level access enabled. | To ensure uniform access to all the objects within a storage bucket. ensure that uniform bucket-level access is enabled for all your storage buckets. | More info | |
Medium | — | Storage bucket does not have object versioning enabled. | To protect your object data from being overwritten or accidentally deleted, ensure that object versioning is enabled for all your storage buckets. | More info |