Snuthalapati, your question is vague. I note that others have responded as if you had asked 'how can we secure the data' which is not the same as masking. Eg. It may be that developers need access to unencrypted SSNs as part of their development and testing.

So, will dynamic data masking meet your needs? If so, are you able to install SQL Server 2016 Preview on your Dev system? (it offers dynamic data masking capabilities)

If your developers really need access to SSNs in the clear, then consider:

- Do you need valid SSNs? (i.e. are the digits validated against SSN rules?)

- Does your system in some way cross-reference these?

- Do these need to be unique?

- If the answer to such questions are 'no' then you could just as easily replace all SSNs with a fictitious SSN.

Otherwise, this can be a significant undertaking to do properly. One approach to consider: Generate a range of fictitious SSNs, map them to the original SSNs and then replace throughout your DB. You will need to do this in a secure staging area. There are many data masking tools available that can do this and some offer a freeware license, such as DataVeil[/url]. Disclosure: I work for DataVeil.