Publicly accessible RDS database stores sensitive data

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Description

A publicly accessible database containing sensitive data increases the likelihood of brute force attacks successfully granting access, which can be used by an attacker for unauthorized data access or destruction of sensitive information. Sensitive data could include personally identifiable information (PII), credentials, financial information, and network or device information. For more details on how sensitive data is detected, see the official documentation.

Remediation

  1. Modify the database instance to disable public accessibility. Review Hiding a DB instance in a VPC from the internet for more information on how to disable public accessibility.
  2. Confirm that the database instance is only accessible from trusted sources. See Controlling access with security groups for more information on how to configure security groups.
PREVIEWING: brett0000FF/node-compatibility