Shulou(Shulou.com)11/24 Report--

"the sensitive data involved in CDP should be handled uniformly in accordance with the company's data security standards. "

". How would you like it? "

It has been nearly two years since the personal Information Protection Law (PIPL) came into effect. Under the requirements of national laws and regulations and industry standards, more and more enterprises have begun to work on data security compliance. Around the protection of personal information, the management and control of enterprises on the collection side, such as privacy policy, consent tracking, data processing protocol and so on, is also increasingly standardized.

However, when it comes to the data application layer, many landing problems still haunt enterprises, such as:

The CDP (customer data platform) we use already has authority control function and a lot of security qualifications, but the group's data security department still says that it does not meet the requirements of compliance regulation. "

"there must be a lot of user data in UBA (user behavior Analysis tool). I understand all the reasons, but what exactly needs special treatment and how to produce reports for audit? "

With the deepening of digital transformation, there are more and more data applications purchased or built by enterprises, but it is not realistic to set up security rules and customize security compliance functions respectively.

To help enterprises implement security compliance of various applications and achieve unified management of enterprise data assets security, Singularity Cloud data security engine DataBlack, starting from R2.0, officially supports interfacing with CDP, UBA and other data application products, providing enterprises with one-stop data security capabilities, thus supporting global data to meet PIPL, data security law and other security compliance requirements.

This article will share two case practices to interpret how DataBlack protects data security and compliance in typical scenarios of data applications.

Case 1: meet the unified data security management requirements of the whole group

A large amount of user information is stored in CDP, which usually contains data fields of personal identification information (PII,Personally Identifiable Information, that is, by which a specific personal identity can be identified). In the daily use of CDP, it also involves the processing and use of PII information. PII data is precisely the important sensitive data that enterprises need to focus on.

Based on the requirements of PIPL and other laws and regulations, PII data should be classified management, take corresponding encryption, de-identification and other security technical measures, and formulate operating rules and determine the operating authority of enterprise employees.

The client of this case is an international fashion group, which set up a data security team several years ago. Drawing on the management experience of overseas headquarters, the security team designed a detailed data security management specification for the whole group. When it comes to the need to complete the landing in the CDP commonly used in digital operations, the enterprise adopts DataBlack:

Sensitive data discovery: through the DataBlack configuration of name, mobile phone number, ID card and other sensitive data identification rules, regularly identify the sensitive data in the CDP.

Data classification: according to PIPL and other safety laws and regulations, DataBlack has built-in out-of-the-box classification standard templates. Based on the template, the security team efficiently completes the classification and classification of sensitive data in CDP, and automatically generates panoramas in order to understand the location of sensitive data.

Dynamic desensitization of data: configure dynamic desensitization rules for sensitive data in DataBlack. When enterprise users query or download sensitive data in CDP, the desensitized results will be presented automatically, reducing the risk of data leakage.

Figure: sensitive data identification and management steps for DataBlack

For user-related data, the group data security team has configured a complete set of classification and identification rules in DataBlack. Therefore, not only CDP, but also other data applications involving personal information follow the group's consistent data security policy and are managed uniformly.

Case 2: meeting the regulatory compliance requirements of the industry

In addition to PIPL, data Security Law and other national laws and regulations, financial, automotive and other industries have also introduced more targeted and practical data security management methods according to their respective business characteristics.

This case is a large automobile company group. According to the requirements of "several regulations on Automobile data Safety Management (trial)", enterprises must submit data safety management on a regular basis. Among them, it also includes sensitive personal information and important data involved in data analysis tools collected outside the enterprise.

In order to clarify the management of user data related to automotive applications, the group's data security department connected DataBlack to UBA and configured L1 to L5 data levels and sensitive data categories according to data classification and classification standards. According to the preset rules for identifying sensitive data, the Group regularly scans and securely marks the data in the UBA, and produces scan reports for audit.

Figure: DataBlack Analytics Cloud Edition-risk details download function

For most enterprises whose business is closely related to users, the most important task in data security compliance is to ensure that sensitive data (especially users' personal information data) can be identified and dealt with accordingly, and can be safely audited.

The singularity cloud data security engine DataBlack provides five core functions, including automatic discovery of sensitive data, desensitization and encryption of data, rights management, risk identification and monitoring, and data audit, to help customers complete the security management and control of global data lifecycle, so as to ensure the confidentiality, integrity and availability of data assets.

Figure: DataBlack architecture

From the level of group management, the data security departments of enterprises can use DataBlack to adopt consistent data security policies and process applications for global data (including big data platform and data applications), grant users security roles for corresponding applications, configure security capabilities, establish a global data security perspective, and improve compliance management and control.

DataBlack is also being optimized for specific data applications. Take the analysis cloud growth analysis product (UBA) as an example. DataBlack already has the table-level sensitive data discovery capability of the UEI model. Enterprise users can uniformly manage the sensitive information of security risks in the three tables of Event, User and Item in UBA, or download risk details to meet audit requirements in greater refinement.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.