When the data security law comes, how can enterprises prepare for a rainy day? Tencent security has something to say

2021 year 6 month 10 Japan ,《 Data security law of the people's Republic of China 》 By a formal vote , And will 2021 year 9 month 1 The effective date .

《 Data security law 》 From draft to formal promulgation , After three deliberations , It took nearly three years , It is the basic law in the field of data in China , It is of great significance to data security and the development of digital economy .

The safety directors of many enterprises are paying attention to ,《 Data security law 》 What impact will it bring to the enterprise , What measures need to be taken by enterprises to meet 《 Data security law 》 The arrival of ？ We might as well take a look at several core clauses closely related to enterprise security measures .

• Article 21 states , Establish a data classification and classification protection system , Identify important data directories , Strengthen the protection of important data , And clearly defined the division of responsibilities .
• Article 27 requirements , Carry out data processing activities and take corresponding technical measures and other necessary measures , Data security .
• Article 29 requirements , Risk monitoring should be strengthened to carry out data processing activities .
• Article 30 requirements , Regularly carry out risk assessment on data processing activities .
• Article 45 specify the corresponding punishment measures for failing to perform the data security protection obligation , In serious cases, the business license may be revoked .

In a word, summarize , Do data classification and grading , According to the results of classification and grading, appropriate technical measures shall be taken . Carry out risk monitoring and risk assessment throughout the data processing process . If the data security protection obligation is not fulfilled , Will be held legally responsible .

Define the terms and conditions , Let's take a look at how to land .

To do data security , First, make classification , Made a classification , According to the importance of the data , Take corresponding protective measures , No one size fits all , Not only to ensure safety , And ensure the normal use and reasonable flow of data to the greatest extent .

The state and relevant departments have established a classified and classified protection system , Clear classification and grading standards , Enterprises only need to follow these standards , Count your own data , Sort out the classification results , This can be taken as the basis , Carry out subsequent data security construction .

However , It is not easy to count your own data . Not to mention how to deal with massive data , Accurately identify sensitive data , If you count manually , Even where data may exist , There is a high probability of missing . How to choose the right technical tools , Ensure that no important data is omitted , Is extremely important .

Ride on 《 Data security law 》 The east wind of , Tencent Security launched a new version of the data security center , Solve the problem of data classification and classification for you .

The data security center adopts SaaS The advanced technology architecture of , Relying on the powerful cloud computing capability of Tencent cloud , Provide enterprises with all-round data security services .

With the permission of the user , The data security center takes advantage of cloud nativity , Help users automatically pull the list of data assets on Tencent cloud , It eliminates the tedious process of adding assets one by one , And avoid omitting .

The data security center has built-in rich identification rules , The user performs the identification task , Identify sensitive data in assets , And carry out classification and grading . User access “ Data assets map ”, From an asset perspective , View data classification and rating results . You can also use “ Sensitive data retrieval ”, From the perspective of sensitive data , From all assets , Retrieve the specified sensitive data .

The data security center serves as the data security portal of Tencent cloud , Integrate the security products on Tencent cloud , Recommend a complete set of data centric data security capability system for you .

Corresponding to the requirements of Article 29 on risk monitoring , Integrated data security audit products , Conduct operational audit on user's data assets 、 Risk monitoring and warning .

Corresponding to the requirements of Article 27 on technical measures , Integrated data desensitization products and fortress machine products , Provide security for users' data sharing and data operation and maintenance scenarios .

Tencent security has always been concerned about 《 Data security law 》 And relevant regulations , Continuously improve and enrich the data security capability system , Protect your data .

The data security center has served 4000+ Users on Tencent cloud , The new version of free public beta , Welcome to the code scanning experience , Discuss the data security plan with the product manager .https://cloud.tencent.com/product/dsgc