Ensure database snapshots can only be shared with explicitly authorized accounts, thereby minimizing the risk of data exposure or exfiltration.
Database / Relational / Controls / DEV
Restrict Snapshot Sharing to Authorized Accounts
CCC.RDMS.CN05 · Access
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.CP11 | Backup | The service can generate copies of its data or configurations in the form of automated backups, snapshot-based backups, or incremental backups. |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.RDMS.TH05 | Unauthorized Snapshot Sharing | Snapshots may be shared with untrusted accounts, which can lead to unauthorized access and potential data exfiltration. This significantly increases the risk of data exposure if sensitive information is contained in the snapshots. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.RDMS.CN05.AR01 | When an attempt is made to share a snapshot with an unauthorized account, the sharing request must be denied. | tlp-red, tlp-amber |