Restrict Snapshot Sharing to Authorized Accounts

CCC.RDMS.CN05: Restrict Snapshot Sharing to Authorized Accounts

Control ID:CCC.RDMS.CN05

Title:Restrict Snapshot Sharing to Authorized Accounts

Objective:Ensure database snapshots can only be shared with explicitly authorized accounts, thereby minimizing the risk of data exposure or exfiltration.

Control Family:

Identity and Access Management

Related Threats

ID	Title	Description	External Mappings	Capability Mappings	Control Mappings
CCC.RDMS.TH05	Unauthorized Snapshot Sharing	Snapshots may be shared with untrusted accounts, which can lead to unauthorized access and potential data exfiltration. This significantly increases the risk of data exposure if sensitive information is contained in the snapshots.	1	1	0

Related Capabilities

ID	Title	Description
CCC.Core.CP11	Backup	The service can generate copies of its data or configurations in the form of automated backups, snapshot-based backups, or incremental backups.

Guideline Mappings

Reference ID	Entry ID	Strength	Remarks
NIST-CSF	PR.DS-10	0	-
NIST_800_53	AC-4	0	-

Assessment Requirements

ID	Description	Applicability
CCC.RDMS.CN05.AR01	When an attempt is made to share a snapshot with an unauthorized account, the sharing request must be denied.	tlp-red tlp-amber