The data usage diagnostics feature allows you to protect the data content and data privacy of the current DataWorks workspace and provides best practices and solutions for security risks. This feature helps you quickly build a basic security system to protect data security during and after data usage.

Go to the Data usage diagnosis page

  1. Log on to the DataWorks console.
  2. In the left-side navigation pane, click Workspaces.
  3. In the top navigation bar, select the region in which the workspace that you want to manage resides. Find the workspace and click Data Development in the Actions column.
  4. On the DataStudio page, click the Icon icon in the upper-left corner and choose All Products > Data governance > Security Center. The Data access control page appears.
  5. In the top navigation bar, click Data usage security. The Data usage diagnosis page appears.

View the diagnosis

The Data usage diagnosis page displays the security risks that are detected for the current workspace based on the best practices for security risks during data usage. You can identify risk categories and levels based on the diagnosis, view risk details, and process the items that can be optimized to ensure secure and reliable data usage. Data usage diagnosis
Medium-risk and high-risk items belong to potential security risks. You can click a medium-risk or high-risk item to view risk details and optimize the item at the earliest opportunity. The following figure shows the details of sensitive data identification that is at medium risk. Sensitive data identification
  • Security risk

    DataWorks can automatically identify sensitive data for administrators. The prerequisite is that different levels of data identification rules are configured for DataWorks. If no data identification rules are configured, DataWorks cannot identify sensitive data, which may cause sensitive data leaks.

  • Suggestion

    You can configure identification rules for sensitive data based on the provided suggestion. This allows you to fully understand the distribution of sensitive data and ensures the security of sensitive data.

Details of diagnostics items

The information in the Data Security Protection Diagnosis section helps you improve the security of sensitive data.
Diagnostics dimension Diagnostics item Diagnostics object Diagnostics method
Sensitive data protection Data classification
Note Data classification is the first step in sensitive data protection. DataWorks allows administrators to classify enterprise data based on sensitivity levels.
Data Security Guard This diagnostics item checks whether you have configured classification rules in Data Security Guard. For more information about data classification, see Mange data sensitivity levels.
Sensitive data identification
Note Identifying important and sensitive data from the complex data systems of an enterprise is the key to sensitive data protection. DataWorks allows administrators to intelligently identify sensitive data.
Data Security Guard This diagnostics item detects the data classifications that are not configured with data identification rules. If no data identification rules are configured, the data classifications cannot match the relevant data. You can configure sensitive data identification rules to fully understand the distribution of sensitive data. For more information, see Manage sensitive field types.
Desensitization of sensitive data
Note To prevent data abuse and leaks during data usage and make data available but invisible, DataWorks allows administrators to configure masking rules to help enterprises achieve a balance between security and convenience.
Data Security Guard This diagnostics item detects the workspaces for which masking rules are enabled whereas the masking feature is not. You can enable the masking feature for a workspace to mask sensitive data in the query results on the DataStudio page. For more information, see Workspace settings.