Data usage diagnostics
The DataWorks data usage diagnostics feature assesses the data content and privacy protection capabilities of your workspace. It provides best practices for diagnosing security issues, enabling you to establish a foundational security framework that protects data through its entire lifecycle.
Access data usage diagnostics
-
Log on to the DataWorks console. In the target region, click in the left-side navigation pane. On the page that appears, click Go to Security Center.
-
In the left-side navigation pane, click Data usage security to open the Data usage diagnosis page.
View diagnostic results
The Data usage diagnosis feature uses best practices to identify and display potential security risks related to data usage in your current workspace. Based on the diagnostic results, you can identify risk categories and risk levels, view risk details, and promptly address items that require optimization to ensure secure and reliable data usage. On the Data usage diagnostics page, you can select a Security Detection Domain, such as Data Security Protection Diagnosis, in the left-side panel. The right-side panel then displays the corresponding Detection Dimension, such as Sensitive Data Protection, and its Detection Items, such as data categorization and sensitivity level classification, sensitive data identification, and sensitive data masking. Each detection item displays a Risk Level tag to its right, such as Optimized or Medium-risk. Click a detection item to view its Detection Results below. The results include a diagnostic conclusion, a list of affected workspaces, and optimization suggestions. At the bottom of the page, a Re-detect button allows you to refresh the detection time and results.
Medium risk and High-risk items are potential security risks. You can click a risk item to view its details and resolve it promptly. For example, for sensitive data masking, you can view the current risk level and diagnostic results. The sensitive data identification diagnostic item is marked as medium-risk, and the diagnostic results indicate that data identification rules are not configured for sensitivity levels 8 (L8) and 9 (L9).
-
Security risk
To intelligently identify sensitive data in DataWorks, administrators must configure data identification rules for the corresponding sensitivity levels. If no identification rules are configured, the system cannot identify sensitive data, which may lead to data leaks.
-
Recommended action
Follow the provided recommendations to configure sensitive data rules to gain a comprehensive overview of your sensitive data distribution and ensure its protection.
Diagnostic details
The Data Security Protection Diagnosis section helps you improve the security of your sensitive data.
|
Diagnostic dimension |
Diagnostic item |
Diagnostic object |
Diagnostic method |
|
Sensitive data protection |
Data categorization and sensitivity level classification Note
Data categorization and sensitivity level classification is the first step in sensitive data protection. DataWorks allows administrators to classify enterprise data based on sensitivity levels. |
Data Security Guard |
This diagnostic item checks whether you have configured rules for data categorization and sensitivity level classification in Data Security Guard. For details about the configuration, see Configure sensitive data classification and categorization. |
|
Sensitive data identification Note
Identifying important and sensitive data within complex enterprise data systems is a key part of sensitive data protection. DataWorks helps administrators intelligently identify sensitive data. |
Data Security Guard |
This diagnostic item checks for sensitivity levels that lack data identification rules, which prevents data from being matched and identified. Refer to Configure data identification rules and run identification tasks to set up the rules and gain a comprehensive overview of your sensitive data distribution. |
|
|
Sensitive data masking Note
To prevent data misuse and leaks and to make data "available but not visible" during use, administrators can configure data masking rules in DataWorks. This helps enterprises balance security and convenience. |
Data Security Guard |
This diagnostic item checks for workspaces where data masking rules are configured but the workspace-level masking switch is disabled. Refer to Configure settings on the Security Settings and Others tab to enable the workspace-level switch and apply data masking to query results in DataStudio. |