EFS Encryption has not been enabled
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | efs |
| Provider | AWS |
| Vulnerability Type | omission |
Description#
The AWS EFS file system is configured without encryption at rest, which means data and metadata stored on the file system are not protected by server-side encryption. This leaves the stored information unencrypted on disk.
Impact#
If the EFS is compromised, an attacker could access and read sensitive data directly from the file system. This increases the risk of data breaches and may result in non-compliance with regulatory or organizational security requirements.
Resolution#
Enable encryption for EFS