Sensitive Data Discovery and Protection (SDDP) allows you to customize sensitive data identification rules, sensitive data definition rules, and anomaly alerts.

Configure sensitive data identification rules

SDDP automatically identifies sensitive data in objects and tables based on the sensitive data identification rules that you configure. You can customize sensitive data identification rules based on your business requirements.sensitive data identification rules
  1. Log on to the SDDP console.
  2. In the left-side navigation pane, choose Security Configuration > Rule Configuration and click the Sensitive Data Identification Rules tab.
  3. Click Add Rule. In the Add Rule dialog box that appears, specify rule parameters. The parameters are described as follows:
    • Rule Type: the type of the sensitive data identification rule. Valid values: Keyword and Regular expression.
    • Rule Name: the name of the sensitive data identification rule.
    • Risk Level: the risk level of the sensitive data identified based on the sensitive data identification rule. Valid values: S1, S2, S3, and S4.
    • Rule Definition: the definition of the sensitive data identification rule. After a rule is created, the rule list does not display the rule definition. It can be view in rule details.
  4. Click Submit to create the rule.
  5. Optional. Turn on the switch in the Actions column of a rule to enable the rule. SDDP only uses enabled rules to identify sensitive data. Disabled rules will not take effect.enable the rule
Note
  • SDDP automatically identifies sensitive data based on all sensitive data identification rules that are enabled.
  • You can delete sensitive data identification rules, but cannot modify them. After a sensitive data identification rule is deleted, SDDP no longer identifies corresponding data as sensitive data. Exercise caution when deleting a sensitive data identification rule.
  • A sensitive data identification rule is enabled by default after it is created. If you do not regard certain data as sensitive data, you can disable the corresponding sensitive data identification rule. After a sensitive data identification rule is disabled, SDDP no longer identifies corresponding data as sensitive data. We recommend that you enable all sensitive data identification rules to reduce risks.
  • Rules for which built-in appears in the Alibaba Cloud Account column are default rules. If no custom rules are configured, SDDP can still identify sensitive data based on these default rules. The default rules cannot be modified or deleted.

In the rule list, click Details in the Actions column of a rule to view its details. You can view the type, name, risk level, and definition of custom rules, whereas you can only view the type, name, and risk level of default rules.

Configure sensitive data definition rules

You can use sensitive data definition rules to specify risk levels for sensitive data.

In the left-side navigation pane, choose Security Configuration > Rule Configuration and click the Sensitive Data Definition Rules tab. On the page that appears, select one or more risk levels that can be used in SDDP. In the Default Risk Level for Data Not Identified drop-down list, select a risk level from S1 to S4. The specified level indicates the default risk level of data that has not been identified as sensitive data.

Configure anomaly alerts

In the left-side navigation pane, choose Security Configuration > Rule Configuration and click the Anomaly Alert Configuration tab. On the page that appears, configure the thresholds and rules for generating anomaly alerts about anomalous events.
  • In the Generation Configuration for Anomaly Alerts section, you can click Modify next to a threshold to modify it. You can either specify a specific number or a value range.Anomaly Alert Configuration
  • In the Enable Anomaly Alerts section, you can select the types of anomalous events that you want SDDP to detect. When anomalous events of the selected types are detected, SDDP displays them on the Anomalous Event Processing page. For more information, see View the statistics on anomalous events.Enable Anomaly Alerts