基于数据中台的行为审计工具建设

目前数据中台仅围绕数据的安全使用,启用了数据库相关的数据库审计功能,但是仍缺乏有效的技术手段对于应用层及数据使用者的风险行为进行自动化的监测,为提升数据安全保障能力,本文提出建设套数据中台行为审计工具,有效保障数据规范、数据安全的流动；能够通过智能化手段实现数据异常访问行为分析和数据安全风险管控,自动化识别数据异常访问、异常用户行为及数据安全风险隐患,辅助数据安全防护工作,防范因数据操作或内部泄露造成的数据安全事件,提升数据使用过程中的安全管控能力,实现数据安全风险可查、可控、可预警。通过建设数据中台行为审计工具,实现对行为人的数据使用行为进行分析与画像,识别用户操作行为,对用户行为进行审计,为山西公司数据安全威胁及风险分析提供基础支撑。

Construction of Behavioral Audit Tool Based on Data Platform

At present, the data center only focuses on the secure use of data and has enabled database related audit functions. However, there is still a lack of effective technical means to automatically monitor the risk behavior of the application layer and data users. In order to improve data security capabilities, this article proposes to build a set of data center behavior audit tools to effectively ensure the flow of data standardization and data security; Being able to analyze abnormal data access behavior and control data security risks through intelligent means, automatically identify abnormal data access, abnormal user behavior, and potential data security risks, assist in data security protection work, prevent data security incidents caused by data operations or internal leaks, improve security control capabilities during data usage, and achieve data security risks that can be detected, controlled, and warned. By constructing a data center behavior audit tool, we can analyze and profile the data usage behavior of individuals, identify user operation behavior, and audit user behavior, providing basic support for the analysis of data security threats and risks in Shanxi Company.