The invention relates to the technical field of information security, in particular to a secret state data access protection method for db2 data, which comprises the following steps: step S01, configuring target db2 data connection information to authorize the device to access a target db2 database, obtaining all privacy field information of the db2 database by performing privacy discovery on the db2 database, and according to the actual situation, finishing incremental privacy discovery; s02, configuring grouping information of the access users; s03, setting a secret state data access protection rule, namely a security rule and a privacy scheme, of the target database, and controlling the access permission of the target database; and step S04, setting a secret state data access protection task, selecting a protected target database, an access group, a specific secret state data access protection rule and a forwarding port, and enabling a user to access a target db2 database through a proxy port monitored by the device. The invention is simple in deployment and can be transparently used.