Under the new compliance requirements of the “Data Security Law”, how can the education industry do a good job in data security governance?

Based on the needs of the school’s business development, if you want to break the ‘information silos’ and ‘data gap’ between colleges, not only do you need to build a data center and do a good job in data governance, but also consider data security synchronously to eliminate the data of secondary colleges reported concerns.

We will first aggregate a large amount of data generated in the teaching and research, scientific research projects and cooperative projects of various departments to the big data platform of the information center, and push it to various departments of the school through the big data sharing and exchange platform. But we don’t know which departments, when, what data was used, and how to trace the source of sensitive information if it is leaked.

——A university information center

  How does the university information center carry out data security work?

Relevant policies and regulations indicate the direction

On June 10, 2021, the “Data Security Law of the People’s Republic of China” (hereinafter referred to as the “Data Security Law”) was voted through, marking that data security has risen to the level of national security. The “Data Security Law” stipulates that the state establishes a data classification and classification protection system, and implements classification and classification protection for data.

In fact, long before the promulgation of the “Data Security Law”, the education industry has pushed data security governance to the forefront of education informatization construction. In September 2020, the state issued the “Guiding Opinions on Strengthening Data Security in the Education System”; in April 2021, the state issued the “Notice on Strengthening Data Security in the Education System”, proposing the establishment of a data security responsibility system and data classification and grading in the education system. system to form a catalogue of data resources in the education system; improve the data security system covering the entire life cycle of data collection, transmission and storage, use and processing, and open sharing, and carry out normalized data security monitoring and early warning notifications.

In less than a year, the state has successively issued a series of policies and regulations on education data security protection, providing important guidance and reference for data security governance in the education industry. In the context of constantly escalating data security compliance requirements, how should the education industry deepen the construction of data security protection capabilities and build a data security governance system?

  Sangfor data security technology, escort the whole process of data flow

“The essence of data security governance is to activate the value of data. The full release of data value depends on the smooth flow of data. The key to the smooth flow of data lies in the security of the entire flow of data.” Zhang Tao, director of operations of Sangfor Education Division, mentioned.

How can we ensure the security of the data flow process, make data sharing and exchange more secure, and release data value more fully? Zhang Tao said that Sangfor provides technical support for the protection of the entire data transfer process.

Under the new compliance requirements of the “Data Security Law”, how can the education industry do a good job in data security governance?

1. Implement classification and grading standards and sort out the list of important data assets

It is set according to the relevant data classification and grading standards and specifications of the country and the education industry. The data classification strategy is used to define the type of data, and the data classification strategy is used to define the security level of the data.

It connects to various types of databases, realizes the automatic discovery of data assets and the generation of data catalogs, and automatically extracts multi-dimensional metadata feature vectors of data through machine learning algorithms, and aggregates and categorizes data fields of similar fields.

Intelligent classification and classification recommendation. Intelligently recommend similar data categories and levels to achieve intelligent classification and classification of data; at the same time, in the process of user classification and classification, users will continue to learn the annotations of data to improve the intelligent recommendation rate. At present, the classification and classification intelligent recommendation rate has reached more than 90%.

2. Sensitive data sorting and data asset exploration, so that you can know the data panorama

Scan the data center to generate a panoramic view of data assets.

Automatically identify sensitive data and generate sensitive data maps according to business-defined classification and classification and sensitive feature rules.

In the process of dynamic business access, traffic is collected, and sensitivity-related analysis is performed to generate sensitive-related data sets, sensitive-related application sets, sensitive-related interface sets, and sensitive-related account set views.

3. Data flow monitoring, real-time risk perception

Based on big data computing and UEBA user behavior analysis technology, it models user data access traffic and automatically generates security baselines.

The content of the baseline includes who is accessing the data, when is the data being accessed, by what means, what data is being accessed, and how much data is being accessed.

Based on the security baseline and abnormal behavior feature model, the data access behavior is judged.

4. The source of leakage of shared exchange is traceable, and the definition of responsibility is reasonable and well-founded

Based on big data analysis technology, the leaked content is detected and the possible source of data leakage is quickly found.

5. Strengthen the security protection of database usage through operation and maintenance security control

Combined with data classification and classification, different data management and control schemes are formulated for different data, and rich management strategies are provided for different users and different usage scenarios.

6. Data security situation analysis

Carry out normalized data security monitoring and early warning notification. From the perspectives of data assets and data access, monitor and early warning of abnormal states and abnormal behaviors to eliminate potential security risks.

Under the new compliance requirements of the “Data Security Law”, how can the education industry do a good job in data security governance?

“Data security governance is a whole process that focuses on the key risk elements of the entire data life cycle. Sangfor helps educate users to realize the realization of ‘data visibility, risk visibility, security management, and leak plasticity’ with the help of the core technical advantages of big data and AI. data security goals.”

Zhang Tao believes that data security issues need a set of security mechanisms to deal with. In addition to using technical means to strengthen data security protection, it is recommended to educate users to establish and improve data security life cycle management systems, clarify data security leaders and management agencies, and organize data security awareness training. , establish an emergency response mechanism. Ensure data security from multiple dimensions of management, technology and operation, promote the maximum value of data assets, and enable high-quality development of education.

The Links:   2DI240A-055 LM190E08-TLGE