Best practicesFirestore security rules with public database access
Platform(s)
Compliance Frameworks
- Brazilian General Data Protection (LGPD) ,
- CCPA ,
- coppa ,
- CPRA ,
- Data Security Posture Management (DSPM) Best Practices ,
- ISO 27701 ,
- iso_27001_2022 ,
- iso_27002_2022 ,
- mpa ,
- New Zealand Information Security Manual ,
- NIST 800-171 ,
- NIST 800-53 ,
- Orca Best Practices ,
- PDPA ,
- pipeda ,
- UK Cyber Essentials
Description
We have found that Firestore Database {GcpFirestoreDatabase} is configured with overly permissive security rules, allowing public database access. Cloud Firestore Security Rules protect your data from malicious users. Make sure you properly secure your users' data by avoiding common pitfalls, as mentioned in: https://firebase.google.com/docs/firestore/security/insecure-rules#mixed-public-and-private-access_1.
Personalized Demo
See Orca Security in Action
Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.