Whats are the steps required for customer to enable Security Hub while setting up multi account

When moving from a single account Security hub to a multi account, the recommendation would be to Integrate Security hub with AWS Organizations. This would help automate and streamline the management of accounts. You can integrate with Organizations if you have more than one AWS account that uses Security Hub.

The two ways to enable AWS Security Hub is by integrating with AWS Organizations or manually.

1. AWS Organizations: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-settingup.html#securityhub-orgs-setup-overview
2. Manually: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-settingup.html#securityhub-manual-setup-overview

In case you customer is choosing the manual route they can disable Security Hub from Payer account and enable it in the Security account. Please note the following before disabling The following occurs when you disable Security Hub for an account:

1. No new findings are process for the account.
2. After 90 days, your existing findings and insights and any Security Hub configuration settings are deleted and cannot be recovered.
3. If you want to save your existing findings, you must export them before you disable Security Hub. For more information, see Effect of account actions on Security Hub data.Any enabled standards and controls are disabled. https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-disable.html