Function Overview

Data Security Center (DSC) is a latest-generation cloud data security management platform that protects your data assets by leveraging its data protection capabilities such as data classification, risk identification, data masking, and watermark-based source tracking. DSC gives you an insight into the security status of each stage in data security lifecycle and provides constant visibility of the security status of your data assets.

Before using DSC, grant permissions for accessing cloud resources to DSC so that you can access your big data, database, OBS, and other assets on the cloud through DSC. Add your assets to DSC for full-lifecycle management.

The data asset map allows you to view the security status of your assets from multiple dimensions, such as asset overview, categories and risk levels, permissions, storage, sensitivity, and data egress analysis. This helps you quickly detect risky assets and handle them.

Automatic data classification: DSC precisely and efficiently identifies sensitive data from structured data stored in Relational Database Service (RDS) and unstructured data stored in Object Storage Service (OBS) based on the expert expertise and the techniques powered by AI.

• File types: DSC can identify sensitive data from over 200 types of unstructured files.
• Data types: DSC is able to identify dozens of personal privacy data types (Chinese or English).
• Image types: DSC is able to identify sensitive words (Chinese and English) in eight types of images such as PNG, JPEG, x-portable-pixmap, TIFF, BMP, GIF, JPX, and JP2.
• Compliance templates: Various templates built in DSC are used to check whether data is compliant with regulations and standards such as General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI DSS), and Health Insurance Portability and Accountability Act (HIPAA).

Automatic identification of sensitive data

• Automatic identification of sensitive data and personal privacy data.
• Customized identification rules to meet various requirements of different industries.
  
• Visualized identification results.

• OBS Usage Audit:

DSC detects OBS buckets based on sensitive data identification rules and monitors identified sensitive data. After abnormal operations of the sensitive data are detected, DSC allows you to view the monitoring result and handle the abnormal events as required.

• Tracing Watermarks：

DSC provides the watermark extraction function for PDF, PPT, Word, and Excel files and databases.

Copyright proof: The owner information is added to the assets to specify the ownership, achieving copyright protection.

Automated monitoring: The user information is added to the assets for tracing data leak.

DSC supports static data masking and dynamic data masking. You can configure masking rules for specified data assets to implement static masking or use the API for dynamic data masking to implement dynamic data masking, ensuring that sensitive information is not disclosed. Data Masking Algorithms lists the data masking algorithms supported by DSC.

Static data masking: DSC can help mask a large amount of data at one time based on the configured data masking rules. Static data masking is used when sensitive data in the production environment is delivered to the development, testing, or external environment for development and testing and data sharing and research. You can create an data masking task on the DSC console to quickly mask sensitive data in databases and big data assets.

Dynamic data masking: DSC provides dynamic data masking APIs to mask the data accessed from the external systems. Dynamic data masking applies to scenarios where data is queried from the external system, such as production applications, data exchange, O&M applications, and precision marketing.

You can use DSC to inject watermarks into your documents, claiming the ownership.

Data watermarking is widely used in government departments, medical care, finance, scientific research, and other institutions. It is generally used for copyright protection and source tracing.

• Data copyright protection: In scenarios where digital works are downloaded or copied for use and database services (data mining and analysis) provide data to third parties, digital watermarks can be used to identify the copyright when disputes occur,
• Source tracing: Data provided for internal employees or third parties can be injected with watermarks to identify the ownership and remind them of keeping the data secure. When the data leaked, the watermarks can be used to trace the source of data leak and identify the root cause.

DSC sends notifications through the notification method configured by users when sensitive data identification is completed or abnormal events are detected.