Based on the compliance requirements on personal information protection and security audit in cloud computing, as specified in Baseline for Classified Protection of Cybersecurity 2.0, Sensitive Data Discovery and Protection (SDDP) provides features such as sensitive data detection and de-identification. Based on all these data security features, SDDP provides an integrated data security solution.

Sensitive data exists in your data assets in different forms and includes data of high value, such as customer information, technical documentation, and personal information. The leaks of sensitive data can cause serious economic and brand losses to your enterprise.

SDDP scans your data in MaxCompute, Object Storage Service (OSS), self-managed databases, and Alibaba Cloud database services, including ApsaraDB RDS, DRDS, PolarDB, ApsaraDB for OceanBase, and Tablestore, based on the predefined key fields of sensitive data. SDDP determines whether data is sensitive based on the number of times that the data hits sensitive data detection rules.

Notice SDDP only scans your data assets for sensitive data and marks the sensitive data with different risk levels. SDDP does not store your data.