Critical

CloudAnalytics receiving PII cross-region (ap-south-1)

violation · issue 0

Problem Statement

CloudAnalytics Inc is receiving user data that crosses the US-only data residency border. PII (email addresses, IP addresses) has been flowing for 2 hours across 23 flows from app-server-02.

Actors

Source Actor

Name

app-server-02

Type

Internal Service

Owner

eng-team

Destination Actor

Name

CloudAnalytics Inc

Type

Vendor

Lifecycle State

Approved

Region

ap-south-1

Data in Transit

SensitivityPII

Data Types

email addressesIP addressesuser agent strings

Flow Volume

↑ 5 from yesterday

Border Crossed

Policy

Data Residency — US Only

Version

Rule

allowed_regions: [us-east-1, us-west-2]

Expected

Data routes through us-east-1, us-west-2 only

Actual

Data routed to ap-south-1

Severity & Impact

Severity

Critical

Detected

2026-03-03 07:14 UTC

Age

2 hours

Compliance Impact

99.8% → 98.2%

Remedy Options

Talk to Team

Notify eng-team to stop sending data to this region

Requires human action. No automatic enforcement.

Enforce via Qcontrol

Block data flows to ap-south-1 at the network level

Immediate. Will disrupt 23 active flows to CloudAnalytics.

Reconfigure Source

Route app-server-02 traffic through us-east-1 instead

Requires service configuration change. May need deployment.

Change Policy

Add ap-south-1 to allowed regions for Data Residency policy

Weakens the residency boundary. Affects all flows under this policy.

Silence / Grace Period

Suppress this violation for a defined period

Issue remains. Useful while remediation is in progress.