Information Security Governance (ISG) is a subset of IT governance that specifically focuses on managing and controlling an organization’s information security practices and measures. It encompasses the policies, processes, and structures to ensure an organization’s information assets’ confidentiality, integrity, and availability while managing and mitigating security risks effectively. bucketAV itself can be a part of your ISG. Additionally, bucketAV provides governance capabilities to ensure that your S3 buckets are well protected.
Governance finding (#)
Requires bucketAV powered by ClamAV® version >= 2.15.0 or bucketAV powered by Sophos® version >= 2.5.0. To update to the latest version, follow the Update Guide.
bucketAV performs daily governance checks to ensure secure usage of the product.
The following findings are supported:
|Real-time file scan not enabled
|The bucket is not protected by real-time file scanning.
|Scheduled bucket scan not enabled
|The bucket is not protected by scheduled bucket scanning.
|No scan activity
|Your bucketAV setup is likely incomplete—no scan activity has been found in the past 14 days.
Governance findings are published to the Infrastructure Alarms Topic. You can subscribe to the findings via the InfrastructureAlarmsEmail configuration parameter.
You can disable Governance finding via the Governance configuration parameter.