Root and user volumes on Workspaces should be encrypted
| Property | |
|---|---|
| Language | |
| Severity | |
| Service | workspaces |
| Provider | AWS |
| Vulnerability Type | omission |
Description
The AWS WorkSpaces resource is configured without encryption enabled for root and user volumes, leaving all data stored on these disks unprotected at rest. This misconfiguration allows data to be stored in plaintext.
Impact
If the WorkSpace or its underlying storage is compromised, sensitive data can be accessed and read directly by unauthorized parties, leading to potential data breaches, loss of confidentiality, and regulatory non-compliance.
Resolution
Root and user volume encryption should be enabled.
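One way to check for this condition across existing WorkSpaces, as an added example that is not part of the original rule. It evaluates records in the shape returned by the WorkSpaces `DescribeWorkspaces` API; the sample records, WorkSpace IDs, user names and key ARN are constructed placeholders, and `audit`, `unencrypted_volumes` and `fetch_workspaces` are hypothetical helper names.

```python
"""Audit WorkSpaces for unencrypted root and user volumes (added example)."""

# Constructed sample in the shape of a DescribeWorkspaces response.
# IDs, user names and the key ARN are placeholders, not real resources.
SAMPLE_WORKSPACES = [
    {"WorkspaceId": "ws-example0001", "UserName": "alice",
     "RootVolumeEncryptionEnabled": True, "UserVolumeEncryptionEnabled": True,
     "VolumeEncryptionKey": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE"},
    {"WorkspaceId": "ws-example0002", "UserName": "bob",
     "RootVolumeEncryptionEnabled": True, "UserVolumeEncryptionEnabled": False},
    # Encryption fields absent entirely: treated as not encrypted.
    {"WorkspaceId": "ws-example0003", "UserName": "carol"},
]

VOLUME_FLAGS = {
    "root": "RootVolumeEncryptionEnabled",
    "user": "UserVolumeEncryptionEnabled",
}


def unencrypted_volumes(workspace):
    """Return the volume names whose encryption flag is not explicitly True."""
    return [name for name, flag in VOLUME_FLAGS.items()
            if workspace.get(flag) is not True]


def audit(workspaces):
    """Return one finding per WorkSpace with at least one unencrypted volume."""
    findings = []
    for ws in workspaces:
        missing = unencrypted_volumes(ws)
        if missing:
            findings.append({"WorkspaceId": ws.get("WorkspaceId", "<unknown>"),
                             "unencrypted": missing})
    return findings


def fetch_workspaces(region):
    """Live variant: needs boto3 and AWS credentials (not used by the demo)."""
    import boto3
    client = boto3.client("workspaces", region_name=region)
    pages = client.get_paginator("describe_workspaces").paginate()
    return [ws for page in pages for ws in page["Workspaces"]]


if __name__ == "__main__":
    for finding in audit(SAMPLE_WORKSPACES):
        print(finding["WorkspaceId"], "unencrypted:", ", ".join(finding["unencrypted"]))
```

Volume encryption is chosen when a WorkSpace is launched, so a flagged WorkSpace has to be recreated with both volumes encrypted rather than changed in place.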