|Risk||Test measure (section number/s)|
|Buildings insufficiently protected against break-in||5.1.3, 5.3.2|
|Authentication is insufficient:
– Other customers (possibly competitors) gain access.
– Unauthorized people gain access.
– Authorized people cannot gain access.
– Customer gains access to other customers’ data.
|Authorization is insufficient:
– Too few roles and functions can be defined on the customer side.
– Too few functions are assigned different access rights.
– Administrators on the supplier’s side are not sufficiently restricted from accessing client data.
|5.1.3, 5.3.6, 5.6.13, 5.9.2|
|There are too many people that can access everything (on the supplier side).||5.1.3, 5.2.9|
|Data is accessible through insufficient encryption: – By customer
– On network
– By supplier
|Service is insufficiently robust against attacks by hackers.||5.3.7, 5.3.10|
|Data is lost:
– Storage device error
– Errors in encryption
– Loss of encryption key
– Scaling (including elasticity)
– Procedural errors
– Software errors
|No access to data because of a business incident on the supplier side.||5.1.3, 5.5.5|
|Unauthorized people have access to data because of unsafe user behavior.||5.3.3|
|(Un)authorized access is not traceable.||5.1.3, 5.3.8|
|Security is not up to date:
– On supplier side
– On connected systems (customer) – On user devices (customer)
|It is unknown if user’s own devices are safe.||5.3.3|
|Data is unintentionally not (fully) deleted.||5.6.13, 5.7.6|
|Disruption of the (virtual) environment by others occurs.||5.9|
|Third parties obtain access due to summons or investigation (jurisdiction, for example, the US Patriot Act):
– Company data
– Logging data