Misconfigured lifecycle policies may unintentionally allow data to be exfiltrated or destroyed prematurely, resulting in a loss of availability and potential exposure of sensitive data.
Storage / Object / Threats / DEV
Data Exfiltration via Insecure Lifecycle Policies
CCC.ObjStor.TH01
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.ObjStor.CP08 | Lifecycle Policies | Supports defining policies to automate data management tasks, especially those related to cost management. |
| CCC.Core.CP11 | Backup | The service can generate copies of its data or configurations in the form of automated backups, snapshot-based backups, or incremental backups. |
Related Controls
| ID | Title | Description |
|---|---|---|
| CCC.ObjStor.CN04 | Objects have an Effective Retention Policy by Default | Ensure that all objects stored in the object storage system have a retention policy applied by default, preventing premature deletion or modification of objects. |