Community Blog Discovering and Securing Sensitive Data With Alibaba Cloud – Part 1

Discovering and Securing Sensitive Data With Alibaba Cloud – Part 1

Part 1 of this 3-part series discusses data discovery and how important it is to protect sensitive data.

By Shantanu Kaushik

Data Discovery

Data discovery is a practice that involves discovering sensitive data and securing it. Data discovery is a very prominent practice that enables business intelligence. Securing sensitive data is among the top priorities for enterprises and organizations. Security teams have to showcase effective solutions for sensitive data discovery and protection as it is a crucial component of compliance readiness for any organization.

Alibaba Cloud Sensitive Data Discovery and Protection enables seamless sensitive data discovery on an enterprise-level. Data discovery is involves auditing sensitive information, including confidential or proprietary practice data. It could also include protected enterprise data, such as personal information, or financial data that could lead to privacy issues. Data discovery enables you to identify this sensitive information and secure it while maintaining its confidentiality and availability.

What Do We Need Data Discovery?

Organizations nowadays conduct more activities online. Cloud usage has increased over the past year and is predicted to increase ten folds because of the ramifications of the COVID-19 pandemic.

Gartner states, “The rapid pace of innovation in cloud infrastructure and platform services (CIPS) makes the cloud the de facto platform for new digital services and existing traditional workloads alike, which is why 40% or all enterprise workloads will be deployed in CIPS by 2023, up from only 20% in 2020.”

This increase in cloud-based workflow frequency, where file sharing, data assessment, and storage are usual tasks, is a challenge for enterprises to use strong products or practices to know where their sensitive data is and who has access to it. Alibaba Cloud introduced Resource and Access Management (RAM), which is an IAM product, and Identity as a Service (IDaaS), which is a superb identity management solution.

Applications and their system-wide integration with other business solutions data are stored in several places, including multiple systems, applications, databases, and shared transmission channel cache. Even if the sensitive data is sitting somewhere temporarily, it could pose threats or leakage. Ensuring proper protection based on authentication, authorization, and confidentiality is the biggest challenge for enterprises.

Data Discovery Goals

The primary goal of data discovery is to enable awareness towards sensitive data. This awareness should be integrated throughout the system to discover and secure any sensitive data at rest or in motion. Alibaba Cloud provides superb data encryption regardless of whether your data is kept internally or is transmitted out of the system. While normal data and sensitive data differ in context, detecting and classifying sensitive data is of the utmost importance.

Discovering information related to data with factors, such as file type, classification of sensitivity, user identities, and location, can help the security teams work towards more contextually appropriate and effective solutions while protecting sensitive information across a wide range of usage scenarios.

Benefits of Sensitive Data Discovery

Enterprise data is huge and constantly moves from one point to another across servers and nodes. The amount of data grows with the size of the enterprise. The evolution of cloud computing and the high-performance computing channels make it lightning-fast for the data to be transmitted. The data is being stored in numerous devices and cloud storage mediums, such as databases or Object Storage Service (OSS).

Many enterprise stakeholders have access to this, and it can be manipulated, copied, or replicated easily. Sensitive data discovery and protection enables system-wide detection that protects this data from unauthorized access identifying, locating, and classifying sensitive data to protect it. Data discovery and protection follows a hierarchy that ensures maximum effectiveness, and Alibaba Cloud Sensitive Data Discovery and Protection works with the same principles. We will discuss this further in Part 2.

Some of the primary benefits of Alibaba Cloud Sensitive Data Discovery and Protection are listed below:

  • Redefining the entire channel of data transmission, segregation, classification, and sensitive data storage
  • Sensitivity-based data classifications and protection policies for any scale of enterprise data
  • Continuous observability and monitoring of data and services that implement this data into the system
  • Risk assessment and management of services for automated issue resolution
  • Data visibility and classification of authorization through identity
  • Sensitive data tracking and version management depending on storage and access
  • Real-time sensitive data processing with closely monitored endpoints to classify data loops based on sensitivity
  • User and system-level access and endpoints tracking


There are several complexities related to data discovery that are necessary for an effective discovery and protection system. Enterprises have cause for concern as data security is among the top priorities of any organization. Organizations implement different sets of solutions to enable higher business intelligence and future upgrade strategies. Some of the critical factors are listed below:

1.  Data Volume

Large-scale enterprises can generate huge amounts of data. This data can be general and sensitive. The amount of data flowing through the system can make it very complex for a solution to discover, classify, and protect sensitive data effectively.

2.  Management

Consistency is the key since the data and its classification change constantly. Sensitive data discovery is not a one-time thing. Data is dynamic and fluid. An effective solution will implement discovery looping that checks for changes continuously in already discovered and classified data.

3.  Type of Data

Data classification is necessary. Improper data classification can create severe complexities and implications for an organization. Different classification levels and changes have to be monitored, and re-classification is necessary to maintain the effectiveness of a system.

Continued in Part 2

In this article, we discussed data discovery and how important it is to protect sensitive data. In Part 2 of this 3-part series, we will introduce the Alibaba Cloud SDDP suite and how to discover sensitive data and protect it.

Upcoming Articles

  1. Discovering and Securing Sensitive Data With Alibaba Cloud – Part 2
  2. Discovering and Securing Sensitive Data With Alibaba Cloud – Part 3
  3. Seamless Network Acceleration Using GA – Part 1
  4. Seamless Network Acceleration Using GA – Part 2
  5. Maintaining Availability With Auto Scaling – Part 1
  6. Maintaining Availability With Auto Scaling – Part 2
  7. Maintaining Availability With Auto Scaling – Part 3
  8. Maintaining Availability With Auto Scaling – Part 4
  9. Multi-Tier Approach With VPC – Part 1
  10. Multi-Tier Approach With VPC – Part 2
  11. Multi-Tier Approach With VPC – Part 3
0 0 0
Share on

Alibaba Clouder

2,626 posts | 711 followers

You may also like


Alibaba Clouder

2,626 posts | 711 followers

Related Products