Critical

CloudAnalytics receiving PII cross-region (ap-south-1)

Issue 0

Problem Statement

CloudAnalytics Inc is receiving user data that crosses the US-only data residency border. PII (email addresses, IP addresses) has been flowing for 2 hours across 23 flows from app-server-02.

Actors

Source

Name :

app-server-02

Type :

Internal Service

Owner :

eng-team

Destination

Name :

CloudAnalytics Inc

Type :

Vendor

Lifecycle State :

Approved

Region :

ap-south-1

Data in Transit

SensitivityPII

Data Types

email addresses

IP addresses

user agent strings

Flow Volume

↑ 5 from yesterday

Border Crossed

Policy :

Data Residency — US Only

Version :

Rule :

allowed_regions: [us-east-1, us-west-2]

Expected

Data routes through us-east-1, us-west-2 only

Actual

Data routed to ap-south-1

Severity & Impact

Severity

Critical

Detected

2026-03-03 07:14 UTC

Age

2 hours

Compliance Impact

99.8% → 98.2%

Remedy Options

Talk to Team

Notify eng-team to stop sending data to this region

Requires human action. No automatic enforcement.

Enforce via Qcontrol

Block data flows to ap-south-1 at the network level

Immediate. Will disrupt 23 active flows to CloudAnalytics.

Reconfigure Source

Route app-server-02 traffic through us-east-1 instead

Requires service configuration change. May need deployment.

Change Policy

Add ap-south-1 to allowed regions for Data Residency policy

Weakens the residency boundary. Affects all flows under this policy.

Silence / Grace Period

Suppress this violation for a defined period

Issue remains. Useful while remediation is in progress.