DSC Free Edition - Data Security Center - Alibaba Cloud Documentation Center

Data Security Center (DSC) provides Free Edition for all Alibaba Cloud users to protect data assets. DSC Free Edition provides fixed resource quotas and features such as data classification, baseline check, and data auditing.

Intended users

Alibaba Cloud accounts and Resource Access Management (RAM) users that completed real-name verification for individuals or enterprises.
The account has not been used to purchase DSC Enterprise Edition or value-added features.

Free resource specifications

The following table describes the specifications of resources that are provided per month by DSC Free Edition. The free log storage capacity of the data auditing feature is provided only in the first month the first time you activate DSC Free Edition.

Feature	Resource	Free specifications
Asset authorization	Number of instances	500
Asset authorization	Object Storage Service (OSS) protection capacity	500 TB
Baseline check	Number of check items	51 (Baselines of the best practices of Alibaba Cloud for data security are supported. Baselines of the China Personal Information Protection Law (PIPL) are not supported.)
Data classification	OSS identification capacity	5 GB
Data classification	Table identification quantity	100
Data auditing	Log storage capacity	5 GB
Data detection and response	Detection of AccessKey pair leaks	Supported
Data detection and response	Leaked AccessKey pair-based access alert and governance	Not supported

Usage notes

You do not need to pay for the free resource specifications. You can directly use the data protection capabilities provided by DSC Free Edition.

You cannot upgrade or renew DSC Free Edition. If the free resource specifications cannot meet your business requirements, we recommend that you purchase DSC to ensure continuous data security. For more information, see Purchase DSC.

Features

The following table describes the features provided by DSC Free Edition.

Feature	Description	References
Asset management	DSC automatically identifies and adds data assets in Alibaba Cloud. DSC supports the one-click and account-based connection modes, which you can use to connect to databases. The one-click connection mode supports the following asset types: ApsaraDB RDS, PolarDB, PolarDB for Xscale, ApsaraDB for Redis, OSS, Tablestore, and MaxCompute. The account-based connection mode supports the following asset types: ApsaraDB RDS, PolarDB, PolarDB for Xscale, PolarDB-X 2.0, ApsaraDB for MongoDB, ApsaraDB for OceanBase, self-managed databases, AnalyticDB for MySQL, and AnalyticDB for PostgreSQL. Note The number of data assets per month added to DSC cannot exceed the free resource specifications.	Asset authorization management
Baseline check	DSC dynamically checks the configurations in your data assets. For example, DSC checks each configuration item in your databases in Alibaba Cloud, such as the authentication, access control, encryption, backup, and restoration configurations. Note DSC Free Edition supports only 51 baselines of the best practices of Alibaba Cloud for data security. The supported check items displayed on the Baseline Management page of the Baseline Check module shall prevail. If you want to use baselines of the PIPL, purchase DSC.	Security baseline check
Sensitive data identification	DSC identifies sensitive data in your assets based on built-in and custom identification models and allows you to search for sensitive data. Note The amount of OSS data capacity and database tables per month that DSC identifies cannot exceed the free resource specifications.	Data insights
Data detection and response	DSC checks the AccessKey pairs of Alibaba Cloud accounts or RAM users in the source code on GitHub and in authorized OSS buckets. This helps check whether AccessKey pairs are leaked. Note If you want to use the governance feature to handle access behavior that is caused by using leaked AccessKey pairs, you must purchase the value-added feature supported by data detection and response.	Overview of data detection and response
Data auditing	DSC allows you to enable and configure the data auditing mode for databases and OSS data. This way, DSC collects the operation logs of data assets and then stores the logs for data auditing and analysis. Note The free log storage capacity is provided only in the first month after you activate DSC Free Edition for the first time. If you require log storage capacity in the succeeding month, you must enable the value-added log storage feature and purchase a specific amount of log storage capacity.	Data auditing
Security posture	DSC audits your data assets based on built-in and custom audit rules, and displays audited session information, raw logs, and alerts. Note You cannot use the whitelist feature to handle alerts. If you want to manage whitelists, you must purchase DSC Enterprise Edition.	Audit alerts
System configuration	DSC provides the OSS synchronization feature.	System settings

Use DSC Free Edition

Activate DSC Free Edition

Log on to the DSC console. Click Activate Free Edition and authorize DSC to access other cloud resources as prompted.

View DSC Free Edition resources

On the Workbench page, view the current resource usage.

Turn on User Guide to view the instructions for using DSC.

Release DSC Free Edition

Exit the user guide from the Workbench page. Then, click Release in the Edition Information section to release DSC Free Edition.

After you release DSC Free Edition, the authorized and checked data and configurations are retained. If you have not purchased DSC, you can re-activate DSC Free Edition.

If you re-activate DSC Free Edition in the current month, the remaining quotas before the release are retained and available.
If you re-activate DSC Free Edition in a subsequent month or later, the quotas are reset to the initial values.

Usage duration

If you do not purchase DSC Enterprise Edition and the value-added features of DSC, you can use DSC Free Edition for an unlimited period of time.