Back to All Checks
Medium EMR Regional

Amazon EMR security configurations should be encrypted at rest

NIST 800-53

Description

This control checks whether an Amazon EMR security configuration has encryption at rest enabled. The control fails if the security configuration doesn't enable encryption at rest. Data at rest refers to data that's stored in persistent, non-volatile storage for any duration. Encrypting data at rest helps you protect its confidentiality, which reduces the risk that an unauthorized user can access it.

Remediation

To enable encryption at rest for your EMR security configuration, you need to update the encryption settings.

Steps

  1. Navigate to the Amazon EMR console
  2. Go to 'Security configurations' in the left navigation
  3. Select your security configuration
  4. Choose 'Edit' to modify the configuration
  5. In the 'Encryption' section, enable 'Encryption at rest'
  6. Configure the encryption settings (KMS key, etc.)
  7. Save the configuration to apply encryption at rest

Compliance

NIST 800-53
Start Your Free Security Check