| ID | Title | Objective |
|---|---|---|
| CCC.RDMS.CN01 | Password Management | Ensure default vendor-supplied DB administrator credentials are replaced with strong, unique passwords and that these credentials are properly managed using a secure password or secrets management solution. |
| CCC.RDMS.CN02 | Account Lockout and Rate-Limiting | Ensure the database enforces lockouts or rate-limiting after a specified number of failed authentication attempts. This prevents brute-force or password-guessing attacks from succeeding. |
| CCC.RDMS.CN04 | Access Control for Backup and Restore Operations | Restrict who can initiate, manage, and validate database backup or restore operations through strict role-based or least-privilege access. This prevents accidental or malicious restorations, protecting data integrity and availability. |
| CCC.RDMS.CN05 | Restrict Snapshot Sharing to Authorized Accounts | Ensure database snapshots can only be shared with explicitly authorized accounts, thereby minimizing the risk of data exposure or exfiltration. |
| CCC.RDMS.CN03 | Enforce and Monitor Automated Backups | Ensure database backups are automatically scheduled, actively monitored, and promptly reported if any disruptions occur. This helps maintain data integrity, facilitates disaster recovery, and supports business continuity when a system failure or breach occurs. |
Database / Relational