Backup snapshots, replicas, or cross-region copies of the file system may be configured with access controls broader than the primary mount. Unauthorized users or external systems can read file content from the copy without mounting the live file system. This impacts confidentiality of data retained in snapshots and replicas.
Storage / File Storage / Threats / DEV
Snapshots or Replicas Expose File System Contents
CCC.FileStor.TH05
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.FileStor.CP07 | Multi-Availability-Zone Durability | The service can replicate file system data across multiple availability zones within a region to improve availability during zone failures. |
| CCC.Core.CP08 | Data Replication | The service automatically replicates data across multiple deployments simultaneously with parity, or may be configured to do so. |
| CCC.Core.CP11 | Backup | The service can generate copies of its data or configurations in the form of automated backups, snapshot-based backups, or incremental backups. |
| CCC.Core.CP12 | Recovery | The service can be reverted to a previous state by providing a compatible backup or snapshot identifier. |
Related Controls
| ID | Title | Description |
|---|---|---|
| CCC.FileStor.CN05 | Restrict Snapshot Access for File Systems | Ensure that backup snapshots and replicas of the file system are not more accessible than the primary file system. |
External Mappings
| Framework | ID | Remarks |
|---|---|---|
| MITRE-ATT&CK | T1530 | Data from Cloud Storage Object |
| D3FEND | D3-ACH | Application Configuration Hardening — counters T1530 |