Ensure that data is only replicated on infrastructure in locations that are explicitly included within a defined trust perimeter.
Core / Ccc / Controls / DEV
Restrict Data Replication to Trust Perimeter
CCC.Core.CN10 · Data
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.CP21 | Resource Replication | The service may be configured to replicate child resources across multiple deployments. |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.Core.TH04 | Data is Replicated to Untrusted or External Locations | Systems are susceptible to unauthorized access or interception by actors with political or physical control over the network in which they are deployed. Confidentiality may be impacted if the data is replicated to a network where the geopolitical status is untrusted, unstable, or insecure. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.Core.CN10.AR01 | When data is replicated, the service MUST ensure that replication only occurs to destinations that are explicitly included within the defined trust perimeter. | tlp-green, tlp-amber, tlp-red |