The data usage diagnostics feature of DataWorks allows you to protect the data content and data privacy of the current DataWorks workspace and provides best practices and solutions for security risks. This feature helps you quickly build a basic security system to ensure data security during and after data usage.
Go to the Data usage diagnosis page
Log on to the DataWorks console. In the top navigation bar, select the desired region. In the left-side navigation pane, choose . On the page that appears, click Go to Security Center.
In the left-side navigation pane of the Security Center page, click Data usage diagnosis.
View diagnostic results
The Data usage diagnosis page displays the security risks that are detected for the current workspace based on the best practices for security risks during data usage. You can identify risk categories and risk levels based on the diagnostic results, view risk details, and handle items to be optimized at the earliest opportunity to ensure the security and reliability of data usage.
Medium-risk and high-risk items belong to potential security risks. You can click a medium-risk or high-risk item to view the risk details and optimize the item at the earliest opportunity. The following figure shows the details of sensitive data identification that is at medium risk.
Security risk
DataWorks can automatically identify sensitive data for administrators. The prerequisite is that different levels of data identification rules are configured for DataWorks. If no data identification rules are configured, DataWorks cannot identify sensitive data, which may cause sensitive data leakage.
Suggestion
You can configure identification rules for sensitive data based on the provided suggestion. This allows you to fully understand the distribution of sensitive data and ensures the security of sensitive data.
Details of diagnostic items
The information in the Data Security Protection Diagnosis section helps you improve the security of sensitive data.
Diagnostic dimension | Diagnostic item | Diagnostic object | Diagnostic method |
Sensitive data protection | Data categorization and sensitivity level classification Note The first step in sensitive data protection involves data categorization and sensitivity level classification. DataWorks allows administrators to classify enterprise data based on sensitivity levels. | Data Security Guard | This diagnostic item checks whether you have configured data categorization and sensitivity level classification rules in Data Security Guard. For more information about how to configure data categorization and sensitivity level classification rules, see Specify the category and sensitivity level of sensitive data. |
Sensitive data identification Note The key to sensitive data protection is identifying important and sensitive data from the complex data systems of an enterprise. DataWorks allows administrators to intelligently identify sensitive data. | Data Security Guard | This diagnostic item detects the data sensitivity level classifications for which data identification rules are not configured. If no data identification rules are configured, the data sensitivity level classifications cannot match the relevant data. You can configure sensitive data identification rules to fully understand the distribution of sensitive data. For more information, see Configure a sensitive data identification rule and run a sensitive data identification task. | |
Sensitive data masking Note To prevent data abuse and leaks during data usage and make data available but invisible, DataWorks allows administrators to configure data masking rules to help enterprises achieve the balance between security and convenience. | Data Security Guard | This diagnostic item detects the workspaces for which data masking rules are enabled but the workspace-level masking feature is not enabled. You can enable the workspace-level data masking feature to mask sensitive data in the query results on the DataStudio page. For more information, see Configure settings on the Security Settings and Others tab. |