You can create data identification rules to efficiently identify sensitive data within a tenant. This topic describes how to create and configure data identification rules.

Go to the Data Recognition Rules tab

  1. Log on to the DataWorks console. Find the workspace that you want to manage and click Data Analytics.
  2. Click the More icon icon in the upper-left corner and choose All Products > Data governance > Data Security Guard.
  3. Click Try now. The Data Security Guard homepage appears.
  4. In the left-side navigation pane, choose Rule Change > Data Recognition Rules. On the Data Recognition Rules tab, you can create, copy, modify, and delete rules.

Create a rule

  1. Click Create Rule in the upper-right corner. Create Rule
  2. In the Set Basic Info step, set the parameters as required and click Next.
    You can create a template-based rule or a custom rule.Set Basic Info
    Parameter Description
    Data Type The category of the rule. You can select Add By Template or Custom.
    • If you select Add By Template, you can further select Personal Information, Merchant Information, or Company Information.
    • If you select Custom, you can enter a data category.
    Rule Name
    • If you set the Data Type parameter to Add by Template, you can select one of the 31 built-in templates that DataWorks provides for sensitive data identification, such as VIN, imsi, Bank Card, Hong Kong And Macao Pass, Email, Name, Nation, PEM File, Seat Number, MEID, Alipay Unique ID, Address, and Id Card.
    • If you set the Data Type parameter to Custom, you can enter a rule name.
    Note A custom rule that is used to identify sensitive data must have a unique name.
    Owner The user who configures the rule.
    Description The description of the rule. The description can be up to 120 characters in length.
  3. In the Specify Details step, set the Level and Data Recognition Rules parameters and click Next. Specify Details
    Parameter Description
    Level The security level of the data to which the rule is applied. If the existing levels do not meet your needs, go to the Data Level Management page and create levels as needed. For more information, see Manage data security levels.
    Content Scanning Specifies whether to enable content scanning. You can use the content that is specified by the selected template or select Regex Express. Multiple data identification templates are provided.
    • If you create a template-based rule, you cannot change the content to be scanned. However, you can manually correct the data identification results of the rule. For more information, see Manually correct data.
    • If you select Regex Express, you can customize the identification rule.
    Field scanning Specifies whether to enable field scanning. You can use exact match or fuzzy match to specify one or more field names to be identified by the rule. The rule is applied if data matches one of the specified field names.
  4. After you confirm the settings, click Save. Save
Note After the data identification rule is created, the data identification results of the rule are displayed on the next day.

After the data identification rule is created, you can view the data identification results of the rule on the Data Recognition, Data Activities, and Data Risks pages.

Copy a rule

Find the rule that you want to copy and click the Copy icon icon in the Actions column. A new rule with the same settings is created. Copy a rule

By default, the status of the new rule is Inactive. You can modify the rule and enable it as needed.

Modify a rule

To modify an existing rule, perform the following steps:
  1. Set the status of the rule to Inactive.
  2. Click the Rule Configuration icon icon in the Actions column.
  3. In the panel that appears, modify the parameters in the Basic Settings, Advanced Settings, Change, and Exception Rule sections. Modify a rule
  4. Click Save.
  5. After you confirm the settings, set the status of the rule to Active.

Delete a rule

To delete a rule, find the rule and click the Delete icon icon in the Actions column. In the message that appears, click OK.