Anoop Kumar shows you the SQL Commands (T-SQL) to secure PII/PHI data using the SQL Server Dynamic Data Masking (DDM) feature and explores DDM’s built in functions to mask all critical data elements. DDM restricts unauthorized users from accessing critical data with no changes in the application.
Azure SQL Database’s Dynamic Data Masking (DDM) feature limits the exposure of sensitive information to non-privileged users. DDM can mask either the full value or partial value in a column. This method can also mask Social Security and Credit Card Numbers without making any changes to the application.
Dynamic Data Masking is an exciting new feature in SQL Server 2016, allowing DBAs to centrally set a mask that is returned for a table column instead of the actual data, limiting what information is returned to certain users in a consistent and reliable way. What’s more, Redgate SQL Compare safely and reliably handles your DDM changes. Data Platform MVP Steve Jones explains more.
Dynamic Data Masking allows you to obscure your confidential data column values at the database engine level for both new and existing SQL Server data. Being able to alter the definition of an existing column to add a masking rule makes it very simple to obscure your existing column values without even changing your application code.
This stairway will examine Dynamic Data Data Masking, introduced in Azure SQL Database and SQL Server 2016. This should allow you to implement Dynamic Data Masking in your application, understanding the implications of the various masks used on different datatypes.