Data Security Guard is a service in DataWorks that ensures data security. It can be used to identify and de-identify sensitive data, add watermarks to data, manage data permissions, identify and audit data risks, and trace leak sources. This topic describes how to activate and use Data Security Guard.

Limits

In Data Security Guard, you can identify and dynamically de-identify sensitive data in only E-MapReduce (EMR), MaxCompute, Cloudera's Distribution including Apache Hadoop (CDH), and Hologres data sources.

Go to the Data Security Guard page

  1. Log on to the DataWorks console.
  2. In the left-side navigation pane, click Workspaces.
  3. In the top navigation bar, select the region in which the workspace that you want to manage resides. Find the workspace and click Data Development in the Actions column.
  4. Click the Icon icon in the upper-left corner and choose All Products > Data governance > Data Security Guard.
  5. Click Try now to go to the Data Security Guard page.
    Note
    • If you have activated Data Security Guard by using your Alibaba Cloud account, the Data Security Guard homepage appears.
    • If you have not activated Data Security Guard by using your Alibaba Cloud account, the page for activating Data Security Guard appears.

Activate Data Security Guard

Log on with your Alibaba Cloud account. On the Terms of Service page, select I have read and agree to all the preceding terms and click Activate.

Notice You must use your Alibaba Cloud account to activate Data Security Guard.

Use Data Security Guard

After you activate Data Security Guard, you can use the service. Use Data Security Guard
No. GUI element Description
1 More icon Provides access to the services that you can use, such as DataStudio, Data Integration, Operation Center, and Data Security Guard.
2 User information The logon user. You can view and modify the user information, including the email address, mobile phone number, AccessKey ID, and AccessKey secret.
3 Left-side navigation pane The navigation pane for different features of Data Security Guard. For more information about the features of Data Security Guard, see Identify sensitive data, Customize de-identification rules, View data activities, View data risks, Audit data risks, Trace leak sources, and Manage sensitive field types.
4 Data Security Guard homepage
  • Data Recognition: displays the total number of fields that hit the configured data identification rules in the last seven days and sorts the fields by project.
  • Data Activities: displays the number of data access activities that are detected on each day in a specified time range for the fields that hit the configured data identification rules.
    Note The supported time ranges are the last seven days and the last 30 days.

    You can click View Details to go to the Data Activities page.

  • Data Risks: displays the number of data risks that are identified in the last seven days and the number of data risks that have not been handled.
  • Data Auditing: displays the number of data risks that are identified and the number of data risks that have been handled in the last seven days and the last 30 days.

    You can click View Details to go to the Data Auditing page.

  • Data traceability: allows you to upload the files that contain leaked data, and extracts the watermarks of the leaked data to find the users who may leak the data.
5 Switch to the guide page Click Guide in the upper-right corner to go to the service guide page and view the service information.