Data Security Center Service Statement

Data Security Center Service Statement

Please read all the contents carefully before you agree to the HUAWEI CLOUD Data Security Center Service Statement (hereinafter referred to as "this Statement"). If you have any questions about the terms, please consult the HUAWEI CLOUD customer service. Accepting this Statement by selecting the Agree option on HUAWEI CLOUD or in another way indicates that you have read, understood, and accepted all the terms and conditions of this Statement. This Statement takes effect immediately upon acceptance. If you do not agree to this Statement, or to any of its terms, do not accept it by selecting the Agree option on HUAWEI CLOUD or in any other way.

Data Security Center (DSC) is a latest-generation cloud data security management platform that protects your assets with basic data security capabilities such as sensitive data identification, data masking, data watermarking, and data usage audit. DSC monitors data security and gives you a comprehensive view of your data security on the cloud.

Asset access permissions: After you subscribe to DSC, DSC needs to access your data assets to provide you with data security functions. You can grant access permissions to DSC for accessing your OBS buckets, big data resources, or databases as needed. You understand and agree that DSC is granted with permissions for accessing and collecting stored, transferred, used, exchanged, and deleted data once you allow DSC's access to assets on DSC console or in any other way. After the permissions are revoked, DSC will not be allowed to access your assets. Assets added to DSC and related task templates, task results, or reports will also be deleted.

Sensitive data identification: DSC allows you to create sensitive data identification tasks and policies on the DSC console. You understand and agree than after you create a sensitive data identification task and start it, DSC will be allowed to scan and analyze the data assets specified during the task creation and show the identification result. DSC will also scan and analyze the data assets that include personal information such as ID card and bank card. Ensure that including the personal information in the data assets is legally authorized.

Data masking: DSC allows you to create data masking tasks and configure masking rules to mask the sensitive data in the original tables and write the masked data to the target tables. If any sensitive data unmasked is written to the target tables because you did not specify such data in your masking rules, did not configure correct data masking rules, or only used the default DSC data masking rules that did not match such data, or data in the target table selected in a data masking task is lost because the selected table was deleted and a new target table was created during the execution of the data masking task, you understand and agree to bear the consequences and ensure that HUAWEI CLOUD will not suffer any loss.

Data watermarking: DSC allows you to inject watermarks to the files on the cloud or the files uploaded from local PC. If watermarks injected are inappropriate due to your misoperations or files with no watermarks are leaked and spread, you understand and agree to bear the consequences and ensure that HUAWEI CLOUD will not suffer any loss.

API calling: DSC provides you with APIs for dynamic data masking, database watermarking, and document watermarking. You understand and agree to bear the consequences in the following scenarios and ensure that HUAWEI CLOUD will not suffer any loss:

1) Sensitive data is leaked due to your incorrect configurations when calling the dynamic data masking API

2) Data is unavailable or an error occurs during data usage because the data has been changed after being watermarked by calling the database watermarking API. Watermarks may fail to be extracted from the watermarked data that has been severely damaged or from the incomplete watermarked data.

3) The abstract of a document is changed after you call the document watermarking API to inject watermarks. Visible watermarks are lost and invisible watermarks fail to be extracted when a watermarked document has been severely damaged.

Data usage audit: DSC reports and audits real-time alarms of abnormal data usage in the cloud. You understand and agree that DSC automatically enables the audit for OBS data assets whose risk level is greater than or equal to Level 7, records all operations on the data assets, such as downloading, deleting, and modifying, and displays the records on the DSC console after your sensitive data identification task is complete, audit logs are stored in your OBS bucket till the time you want to delete them, and uploading bucket logs to the target bucket incurs costs for PUT requests. For details about PUT request prices, see OBS Billing.

Alarm notifications: DSC is interconnected with Simple Message Notification (SMN) so that it can send you notifications by email or SMS. You understand and agree to authorize HUAWEI CLOUD to store the email addresses and phone numbers you provided and send alarm notifications to the email addresses and phone numbers when alarm conditions are met. You can enable or disable the alarm notification on the DSC or SMN console. For details about the pricing details, see SMN Billing.

Last updated: January 2021