This rule ensures AWS Security Hub is enabled for an AWS Account to meet security benchmarks.
| Field | Value |
|---|---|
| Rule | AWS Security Hub should be enabled for an AWS Account |
| Framework | SOC 2 |
| Severity | High |
Rule/Policy Description: Enable AWS Security Hub for SOC 2 Compliance
Policy Overview:
SOC 2 expects continuous monitoring of the environment, and enabling AWS Security Hub is the AWS-native way to provide that evidence. Security Hub aggregates findings from AWS services (GuardDuty, Inspector, IAM Access Analyzer and others) and partner integrations, runs automated control checks against enabled security standards, and gives a single view of security alerts and compliance status across accounts. Note that Security Hub is a regional service: it must be enabled in every region the account uses, and cross-region aggregation can be configured to collect findings in one home region.
Troubleshooting Steps:
If you encounter any issues while enabling AWS Security Hub, please follow the troubleshooting steps below:
Check Account Permissions: Ensure that the IAM user or role enabling Security Hub has the securityhub:EnableSecurityHub permission. On first enablement Security Hub also creates the service-linked role AWSServiceRoleForSecurityHub, so the principal needs iam:CreateServiceLinkedRole for securityhub.amazonaws.com as well; the AWSSecurityHubFullAccess managed policy grants both.
Verify Service Quotas: Check the service quotas for your AWS account to ensure that you have not exceeded any relevant limits. If necessary, request a quota increase through the AWS Support Center.
AWS Organizations Configuration: If you are enabling Security Hub across an AWS organization, designate a delegated administrator account from the management account and ensure that no service control policy (SCP) denies securityhub actions in the member accounts. Review the SCPs in the AWS Organizations console.
Review AWS Config Configuration: Security Hub's security standard controls are implemented as AWS Config rules, so AWS Config must be enabled and recording the relevant resource types in every account and region where Security Hub runs; otherwise controls report no data and the compliance view stays empty.
Necessary Codes:
No code is required to enable AWS Security Hub. It can be enabled from the AWS Management Console, or from the AWS Command Line Interface (CLI) or an SDK when you want the step scripted or audited.
Step-by-Step Guide:
Follow the step-by-step guide below to enable AWS Security Hub for SOC 2 compliance:
Sign in to the AWS Management Console: Go to the AWS Management Console website (console.aws.amazon.com) and sign in with your AWS account credentials.
Open the Security Hub Service: In the AWS Management Console, search for "Security Hub" in the search bar or navigate to the Security & Identity category and select "Security Hub."
Enable Security Hub: Click on the "Enable Security Hub" button in the Security Hub dashboard.
Choose the AWS Account and Region: The console enables Security Hub in the account and region you are signed in to. For multiple accounts in an organization, enable it from the delegated administrator account and have member accounts auto-enabled; in either case repeat per region, since Security Hub is regional.
Review and Enable Standards: In the security standards section, choose the standards to enable. Security Hub does not offer a standard named "SOC 2"; for a SOC 2 program, keep the default AWS Foundational Security Best Practices and CIS AWS Foundations Benchmark standards enabled, since their controls produce the continuous-monitoring evidence this rule is meant to provide.
Enable Automated Security Checks: Once a standard is enabled, Security Hub runs its controls automatically and continuously. Leave the setting to auto-enable new controls switched on so that controls AWS adds to an enabled standard are picked up without manual action.
Confirm and Enable: Review the details on the confirmation page and click on "Enable Security Hub" to enable AWS Security Hub for the selected account.
Monitor Security Hub: Once enabled, navigate to the Security Hub dashboard to monitor security findings and compliance status. Review the findings dashboard, integrate Security Hub with other services as necessary, and set up notifications to stay informed about any security-related events.
Please note that it may take a few minutes for Security Hub to initialize, and the first control results for a newly enabled standard can take up to a couple of hours to appear.
By following these steps, you will successfully enable AWS Security Hub for SOC 2 compliance in your AWS account. It is recommended to regularly monitor Security Hub and take appropriate actions to address any security risks or compliance issues that may arise.
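The same check can be run as an audit script, which is useful for verifying every region and for the regular monitoring recommended above. The block below is an added example, not code from the original rule page or from AWS: it uses boto3 when available (the CLI equivalents are `aws securityhub enable-security-hub --enable-default-standards` to enable and `aws securityhub describe-hub` / `aws securityhub get-enabled-standards` to verify). The FakeClient class, the sample responses and the account ID are constructed stand-ins so the logic can be exercised offline; boto3's real client raises InvalidAccessException when the account is not subscribed, which the check treats as a rule failure.

```python
"""Added example: evaluate the 'Security Hub should be enabled' rule for one
account/region. Not part of the original page; FakeClient and its responses
are constructed to mirror the shape of the real securityhub API output."""
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class HubStatus:
    enabled: bool
    hub_arn: Optional[str] = None
    standards: List[str] = field(default_factory=list)  # StandardsArns with status READY
    reason: str = ""


def check_security_hub(client) -> HubStatus:
    """client: a boto3 'securityhub' client, or any object exposing the same
    describe_hub / get_enabled_standards methods (assumption for the fake)."""
    try:
        hub = client.describe_hub()
    except Exception as exc:
        # Not enabled in this region: the API answers InvalidAccessException
        # ("Account ... is not subscribed to AWS Security Hub").
        if "InvalidAccessException" in type(exc).__name__ or "not subscribed" in str(exc):
            return HubStatus(enabled=False, reason="Security Hub not enabled: %s" % exc)
        raise  # AccessDenied and friends are a permissions problem, not a rule result

    ready = []
    kwargs = {"MaxResults": 100}
    while True:  # get_enabled_standards pages with NextToken
        page = client.get_enabled_standards(**kwargs)
        for sub in page.get("StandardsSubscriptions", []):
            if sub.get("StandardsStatus") == "READY":
                ready.append(sub["StandardsArn"])
        if not page.get("NextToken"):
            break
        kwargs["NextToken"] = page["NextToken"]

    status = HubStatus(enabled=True, hub_arn=hub.get("HubArn"), standards=ready)
    if not ready:
        # Enabled but with no standard running: no control checks, so no evidence.
        status.reason = "Security Hub is enabled but no security standard is READY"
    return status


def evaluate(client) -> str:
    """Rule verdict in the page's terms: PASS only if enabled with a READY standard."""
    s = check_security_hub(client)
    return "PASS" if s.enabled and s.standards else "FAIL: " + s.reason


# --- constructed offline stand-ins (not real AWS responses) ---
class InvalidAccessException(Exception):
    """Mirrors the name of boto3's client.exceptions.InvalidAccessException."""


FSBP_ARN = ("arn:aws:securityhub:us-east-1::standards/"
            "aws-foundational-security-best-practices/v/1.0.0")  # sample ARN


class FakeClient:
    def __init__(self, enabled: bool, standards=None):
        self._enabled = enabled
        self._standards = standards or []

    def describe_hub(self):
        if not self._enabled:
            raise InvalidAccessException(
                "Account 123456789012 is not subscribed to AWS Security Hub")
        return {"HubArn": "arn:aws:securityhub:us-east-1:123456789012:hub/default",
                "AutoEnableControls": True}

    def get_enabled_standards(self, **kwargs):
        return {"StandardsSubscriptions": self._standards}


if __name__ == "__main__":
    try:
        import boto3  # real check against the signed-in account/region
        client = boto3.client("securityhub")
    except Exception:
        client = FakeClient(True, [{"StandardsArn": FSBP_ARN, "StandardsStatus": "READY"}])
    print(evaluate(client))
```

Run it once per region (for example by looping over `boto3.session.Session().get_available_regions("securityhub")`) to confirm the rule holds everywhere the account operates, and treat a PASS with an empty standards list as a finding in its own right.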