More Info:

Ensure that your Amazon EFS file systems are encrypted using KMS CMK customer-managed keys instead of AWS managed-keys (default keys used by the EFS service when there are no customer keys defined) in order to have more granular control over your data-at-rest encryption/decryption process.

Risk Level

High

Address

Security

Compliance Standards

ISO27001, HIPAA

Triage and Remediation

Check Cause

Using Console

Additional Reading: