Skip to main content

Managing Sensitive Data Types

Sensitive data types are a key component of NineData's sensitive data protection solution, used to effectively identify, classify, and protect sensitive information in databases. The system provides predefined data types, each corresponding to specific sensitivity levels, masking algorithms, and rules for identifying sensitive fields. These data types help the system automatically identify sensitive fields in tables and manage their classification and levels.

Prerequisites

  • You have created or joined an organization, and this organization has subscribed to either or . Please ensure that your annual or monthly subscription is still active. For more information, please refer to Manage Organizations.
  • Your current account has switched to the target organization. For more information, please refer to Switching to an Organization.

Creating Sensitive Data Types

NineData provides 27 predefined sensitive data types, covering most columns that contain sensitive information. If these data types do not meet your business needs, you can create custom data types.

  1. Log in to the NineData Console.
  2. In the left navigation bar, click >.

  1. On the page, click the tab, and then click in the top right corner.

    You can also click in the column next to the target data type to customize a new data type based on the existing one.

  2. Define the following parameters for the data type, and click to create it.

    Parameter
    		Description
    Enter the name of the sensitive data type.
    Select the category for the sensitive data type. The system provides five predefined categories, and you can also create custom categories. For more information, see Managing Data Classification.
    Select the sensitivity level of the current data type, ranging from S0 to S5, with increasing sensitivity. S0 represents non-sensitive, and S5 is the highest level. Different levels of sensitive fields may have different approval processes. For more information, see Managing Sensitivity Levels.
    Select how to mask the sensitive columns when associated with the current sensitive data type. The system provides 33 predefined algorithms, and you can also create custom masking algorithms. For more information, see Managing Masking Algorithms.
    (optional)Enter a description for the sensitive data type to reduce communication costs.
    The system provides two methods for identifying sensitive columns: and .
    • : Configures identification rules visually in the interface without the need to write scripts.
      • Match Conditions: Select or based on your requirements.
      • Identification Rules: Choose , then select or input corresponding values under the column. For details on each feature type and value, refer to the Appendix.
      • Add a Feature Row: Click .
      • Add a Rule: Click .
      • Delete a Feature Row: Click the option in the column to the right of the target feature.
      • Delete a Rule: Click the delete icon in the upper-right corner of the target rule box. At least one rule must remain.
    • : Writes rules using Java conditional statements.

Enabling or Disabling Sensitive Data Types

All sensitive data types can be enabled or disabled individually. When scanning the data source and automatically adding sensitive columns, only enabled data types will take effect.

By default, all sensitive data types are enabled, but you can disable or re-enable them based on your business needs.

  1. Log in to the NineData Console.
  2. In the left navigation bar, click >.

  1. On the page, click the tab, find the sensitive data type you want to enable or disable, and toggle the switch in the column to enable or disable it.

    tip

    To enable or disable multiple sensitive data types in bulk, select the checkboxes to the left of the target sensitive types. Then, click at the top of the page. In the pop-up window, toggle the switch on or off as needed, and click to apply the changes.

Editing Sensitive Data Types

If the custom data type does not meet the requirements, you can edit its parameters.

Note

Only custom-created data types can be edited. Predefined system data types cannot be edited.

Steps

  1. Log in to the NineData Console.
  2. In the left navigation bar, click >.

  1. On the page, click the tab, and then click in the column next to the target data type.

  2. Edit the data type as needed and click to save changes.

    tip

    To bulk edit the sensitivity levels of multiple sensitive data types, select the checkboxes to the left of the target sensitive types. Then, click at the top of the page. In the pop-up window, choose the desired sensitivity level and click to apply the changes.

Deleting Sensitive Data Types

If a custom data type is no longer in use, you can delete it.

Note

  • Only custom-created data types can be deleted. System-predefined data types cannot be deleted.
  • Ensure that the data type is not associated with any table columns before deleting, or the deletion will fail.

Steps

  1. Log in to the NineData Console.
  2. In the left navigation bar, click >.

  1. On the page, click the tab, and click in the column next to the target data type.

  2. In the pop-up window, click to confirm.

Managing Data Classification

NineData supports data classification to categorize all sensitive data types. The system provides five predefined categories, and you can create custom data classifications as needed, or delete custom ones.

Note

  • System-predefined classifications cannot be deleted.
  • Ensure that the classification is not associated with any data type or table columns before deleting.

Creating Data Classification

  1. Log in to the NineData Console.
  2. In the left navigation bar, click >.

  1. On the page, click the tab, and click in the top right corner.

  2. In the page, click at the bottom of the page. In the pop-up window, enter the classification name and description (optional), and click to create.

Deleting Data Classification

  1. Log in to the NineData Console.
  2. In the left navigation bar, click >.

  1. On the page, click the tab, and then click in the top right corner.

  2. Click in the column next to the target classification, and click in the pop-up window to confirm.

Appendix: Feature Types and Values

NineData provides several identification rule features, including , , , , and .

Feature TypeValuesDescription
IntegerAutomatically identifies sensitive columns based on whether the field length exceeds a certain value. For example, if the value is 32, columns with lengths greater than 32 will be flagged.
Data TypesInitially filters fields likely to store sensitive information based on their data types. Multiple values are separated by commas (e.g., char, varchar).
StringAutomatically identifies sensitive columns using keywords in column names. Multiple keywords are separated by commas (e.g., mobile, phone).
StringAutomatically identifies sensitive data fields based on keywords in column comments. Multiple keywords are separated by commas (e.g., mobile, phone).
Selection RuleAutomatically identifies sensitive columns based on predefined rules, including:
Last updated on