Restrict who can initiate, manage, and validate database backup or restore operations through strict role-based or least-privilege access. Prevents accidental or malicious restorations, protecting data integrity and availability.
Database / Relational / Controls / DEV
Access Control for Backup and Restore Operations
CCC.RDMS.CN04 · Access
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.CP11 | Backup | The service can generate copies of its data or configurations in the form of automated backups, snapshot-based backups, or incremental backups. |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.RDMS.TH04 | Unintentional Database Backup Restoration | A database backup may be restored unintentionally, potentially leading to the loss or overwrite of current data. This condition could disrupt operations and result in data inconsistency or corruption. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.RDMS.CN04.AR01 | When there is an attempt to perform a backup or restore, then the attempt must fail with an access denied message if credentials or roles that are not explicitly authorized for backup/restore functions. | tlp-red, tlp-amber |