This article describes how to deal with leaks of sensitive information about your Alibaba Cloud assets.
When enterprises or individual users use third-party platforms, sensitive information may be leaked, which causes great risks. Sensitive information includes the AccessKey pairs of Alibaba Cloud accounts, and usernames and passwords of ApsaraDB RDS, self-managed databases that are hosted on Elastic Compute Service (ECS) instances, and your email. If sensitive information is leaked, you can address this issue based on the following methods:
- Immediately log on to the Alibaba Cloud Management Console. Disable and change the AccessKey pair and delete the code that is hosted on third-party platforms at the earliest opportunity.
- Regularly log on to the Log Service console to view the server access logs and check whether a data leak has occurred. For example, search for web access logs and specify the URI field to locate the paths that contain files related to AccessKey pairs.
- Use a private GitHub codebase or build an internal code management system to prevent the leaks of source code and sensitive information.
- Develop internal standards on security O&M and red lines for development operations. Provide training for IT administrators to improve information security.
- After you receive alert notifications for AccessKey pair leaks, make sure that you delete all information that involves your AccessKey pairs and you select an appropriate method to handle the alert in the Security Center console. To handle the alert, select Deleted manually, Manually disable AK, or Whitelist. Otherwise, Security Center continues to send alert notifications to you.
- Security Center