Data Security Top Five Policy

Open Raven provides a set of default Policy Sets. This is a list of Rules that check the top 5 most important data security issues.

Rule Name

Description

Personal & Privacy data is encrypted at rest

Encryption for data at rest should be enabled on any data store that has personal & privacy data.

Developers secrets encrypted at rest

Encryption for data at rest should be enabled on any data store that has developer secrets.

Personal data is backed up and backups are encrypted

Backup should be enabled on any data store that has personal & privacy data.

Internet wide security groups

AWS security groups should not have wildcards and be open to the world.

MFA enabled

Multi-Factor Authentication should be required for all by admins access to any asset.