All Products
Search
Document Center

Data Security Center:Overview of Data Security Center

Last Updated:Jan 26, 2025

After you activate Data Security Center (DSC), authorize DSC to detect sensitive information in databases and the assets of Object Storage Service (OSS) and Simple Log Service, and enable security audit, you can view information such as the authorization status of assets, data identification results, risk trends of baseline security checks, and asset audit alert statistics on the Overview page of DSC.

Usage notes

DSC supports the following database types: relational, non-relational, big data, unstructured, and self-managed databases. For more information, see Supported database types.

Note

To ensure data security and privacy, DSC performs only required operations such as tagging, static data masking, and data auditing. DSC does not store your data.

View statistical information

On the Overview page in the Data Security Center console, you can view the following statistics:

Edition information and quota statistics

In the Edition Information and Quota Statistics (Used/Monthly Quota) section, you can view the current edition and the resource usage of DSC, including the remaining subscription duration, number of databases, and storage usage.

  • Free Edition

    DSC Free Edition provides free resource specifications across regions in and outside the Chinese mainland.

    You cannot upgrade or renew DSC Free Edition. If the free resource specifications cannot meet your business requirements, we recommend that you purchase DSC to ensure continuous data security. For more information, see Purchase DSC.

    image

  • Paid Editions

    After you purchase Data Security Center (DSC), all purchased resources are allocated to assets outside the Chinese mainland. If you want to use DSC for assets in the Chinese mainland, you must manually allocate the purchased resources.

    In the upper-right corner of the Overview page, you can click Billable Items to allocate the purchased resources. For more information, see Resource allocation for billable items.

    If you want to upgrade or renew DSC, you can click Upgrade or Renew Subscription. For more information, see Specification change of subscription DSC and Renew subscription DSC.

    image

Asset allocation statistics

In the Asset allocation statistics section, you can view the authorization status of assets, including the asset authorization and data identification statistics.

  • In the Asset Authorization section, click Authorize. On the Asset Authorization Configuration page, authorize DSC to access the asset that you want to manage. You can view, modify, and delete authorized assets. For more information, see the "Configuration wizard" section in this topic.

  • In the Data Identification section, click Config. On the Data Identification Configuration page, select an authorized asset and click Next to specify the scan time and frequency for the default identification task. For more information, see the "Configuration wizard" section in this topic.

  • In the Data audit section, click Config. On the Data Audit Configuration page, specify the audit mode for the asset that you want to manage. For more information, see the "Configuration wizard" section in this topic.

image

Statistics on authorized assets

In the Asset Statistics section, you can view the trends of the total number of authorized assets and the number of audited assets in the previous 12 hours, 1 day, 7 days, or 30 days.

Note

DSC scans for new assets at 00:00 every day and automatically synchronizes new assets to the unauthorized asset list. You can click Restart below The scan task is complete in the upper-right corner of the Overview page to synchronize the most recent asset statistics between the Alibaba Cloud account and the members. To perform synchronization between the Alibaba Cloud account and the members, you must enable the multi-account management feature. For more information, see Use the multi-account management feature.

image

Statistics on sensitive data detection

In the Sensitive Data section, you can view the statistics on the identification results of structured and unstructured data in the scanned data assets.

Note

DSC identifies sensitive files and data based on the configured sensitive data identification template. Sensitive data identification templates are classified into built-in identification templates and custom identification templates. DSC identifies and classifies sensitive data tables, fields, and files based on the templates. For more information, see View and configure identification templates.

The Overview page displays the statistics on the identification results generated from the identification task that uses the data classification template for the Internet industry.

  • In the upper-right corner of the Sensitive Data section, click Details to go to the Classification and grading > Asset Insight page and view the identification results of sensitive data. For more information, see View sensitive data identification results.

  • Click Configure. On the Data Identification Configuration page, select an authorized asset and click Next to specify the scan time and frequency for the default identification task. For more information, see the "Configuration wizard" section in this topic.

数据识别结果

Statistics on risk trends

In the Risk Trends section, you can view the risk trends of baseline security checks in the previous 7 or 30 days.

  • Click Recheck to perform a configuration risk check on all authorized assets. You can refresh the page to view the check results.

  • In the upper-right corner of the Risk Trend section, click Details to go to the Risk Governance > Configuration Risks page to view the results of configuration risk checks.

异常事件汇总

Statistics on threat trends

In the Threat Trends and Outbound Data Transfer Monitoring section, view the trends of the number of alerts generated in the previous 12 hours, 1 day, 7 days, or 30 days.

  • In the Audit Alert chart in the Threat Trends and Outbound Data Transfer Monitoring section, click Details to go to the Data Detection Response > Data audit page to view alert details.

  • Click Configure. On the Data Audit Configuration page, specify the audit mode for the asset that you want to manage. For more information, see the "Configuration wizard" section in this topic.

Configuration wizard

In the upper-right corner of the Overview page or in the Asset allocation statistics section, click Configuration Wizard. Follow the instructions to configure asset identification and audit. image

  1. Asset synchronization

    • Click Click to Sync. The asset data is automatically synchronized to DSC.

    • Click Manual Input. In the Add Asset dialog box, specify the asset information and click OK.

      If you select Data identification and Audit, you must configure data identification and data audit settings. Click Add and Configure Permissions to complete the settings.

      image

  2. Asset authorization

    Click Configure. On the Asset Authorization Configuration page, authorize DSC to access the asset. You can view, modify, and delete authorized assets. For more information, see Authorize DSC to access databases, Authorize DSC to access a self-managed database hosted on an ECS instance, Authorize DSC to access unstructured data in OSS and Simple Log Service, and Authorize DSC to access MaxCompute.

    image

  3. Data identification

    Specify the scan time and frequency in the default identification task for the assets that you want to manage. For more information, see Identify sensitive data by using identification tasks.

    1. Click Configure. On the Data Identification Configuration page, select the asset that you want to manage and click Next.

    2. Specify the identification template, scan time, and scan frequency, and click Next.

      image

    3. View and confirm the identification policy of the asset and click OK.

      image

  4. Data auditing

    For more information about the audit mode, see Enable and configure the data auditing mode.

    1. Click Configure. On the Data Audit Configuration page, specify the audit mode for the asset you want to manage and click Next.

      image

    2. Install the agent on the assets for which the traffic collection mode is enabled and click Next.

    3. View and confirm the audit configuration of the asset and click OK.