Systems are susceptible to unauthorized access or interception by actors with political or physical control over the network in which they are deployed. Confidentiality may be impacted if the data is replicated to a network where the geopolitical status is untrusted, unstable, or insecure.
Core / Ccc / Threats / DEV
Data is Replicated to Untrusted or External Locations
CCC.Core.TH04
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.CP21 | Resource Replication | The service may be configured to replicate child resources across multiple deployments. |
Related Controls
| ID | Title | Description |
|---|---|---|
| CCC.Core.CN09 | Ensure Integrity of Access Logs | Ensure that access logs are always recorded to an external location that cannot be manipulated from the context of the service(s) it contains logs for. |
| CCC.Core.CN10 | Restrict Data Replication to Trust Perimeter | Ensure that data is only replicated on infrastructure in locations that are explicitly included within a defined trust perimeter. |
External Mappings
| Framework | ID | Remarks |
|---|---|---|
| MITRE-ATT&CK | T1565 | Data Manipulation |