SEC 9: How do you protect your data at rest?

Protect your data at rest by defining your requirements and implementing controls, including encryption, to reduce the risk of unauthorized access or loss.

Resources

Best Practices for Implementing AWS Key Management Service
Protecting Amazon S3 Data Using Encryption
Amazon EBS Encryption
AWS Encryption SDK

Best Practices:

Improvement Plan

Define data at rest protection requirements
Define requirements that will help you protect your data in transit.

Implement data at rest protection
Implement controls to help protect your data at rest.

Resources from partners
Data Protection
Infrastructure Software/Storage & Backup