CCC.RDMS.C05: Restrict Snapshot Sharing to Authorized Accounts
Objective:Ensure database snapshots can only be shared with explicitly authorized
accounts, thereby minimizing the risk of data exposure or exfiltration.
Control Family:
Identity and Access Management
Threats:
| ID | Title | Description |
|---|---|---|
| CCC.RDMS.TH05 | Unauthorized Snapshot Sharing | Snapshots may be shared with untrusted accounts, which can lead to unauthorized access and potential data exfiltration. This significantly increases the risk of data exposure if sensitive information is contained in the snapshots. |
NIST CSF:
PR.DS-10
Control Mappings
NIST_800_53:
AC-4
Test Requirements
CCC.RDMS.C05.TR01:When an attempt is made to share a snapshot with an unauthorized
account, the sharing request must be denied.
TLP:
tlp_red
tlp_amber