Governance
Information Security Governance (ISG) is a subset of IT governance that specifically focuses on managing and controlling an organization’s information security practices and measures. It encompasses the policies, processes, and structures to ensure an organization’s information assets’ confidentiality, integrity, and availability while managing and mitigating security risks effectively. bucketAV itself can be a part of your ISG. Additionally, bucketAV provides governance capabilities to ensure that your buckets are well protected.
Governance finding
Requires bucketAV for Amazon S3 powered by ClamAV® version >= 2.15.0, or bucketAV for Amazon S3 powered by Sophos® version >= 2.5.0.
To update to the latest version, follow the Update Guide.
bucketAV performs daily governance checks to ensure secure usage of the product.
The following findings are supported:
| Finding | Description |
|---|---|
| Real-time file scan not enabled | The bucket is not protected by real-time file scanning. |
| Scheduled bucket scan not enabled | The bucket is not protected by scheduled bucket scanning. |
| No scan activity | Your bucketAV setup is likely incomplete—no scan activity has been found in the past 14 days. |
| bucketAV requires an update | Your bucketAV setup is running on outdated version. |
| bucketAV Add-Ons require updates | Your bucketAV setup is running outdated Add-On versions. |
Governance findings are published to the Infrastructure Alarms Topic. You can subscribe to the findings via the InfrastructureAlarmsEmail configuration parameter.
You can disable Governance finding via the Governance configuration parameter.