Dynamic Data Masking allows you to obscure your confidential data column values at the database engine level for both new and existing SQL Server data. Being able to alter the definition of an existing column to add a masking rule makes it very simple to obscure your existing column values without even changing your application code.
This stairway will examine Dynamic Data Data Masking, introduced in Azure SQL Database and SQL Server 2016. This should allow you to implement Dynamic Data Masking in your application, understanding the implications of the various masks used on different datatypes.
Greg Larson looks at how to hide the value of sensitive data by applying Dynamic Data Masking.
Dynamic data masking provides a simple way to implement obfuscation of private data. However it's important to understand the limitations, and to keep in mind that it is not true encryption and that the data cannot be protected in all scenarios. Aaron Bertrand explains.
SQL Server 2016 introduces a new security feature called Dynamic Data Masking (DDM). This tip describes its purpose, shows a brief example of how it works, lists some limitations, and notes how the feature has already changed since CTP 2.0 was first released in May.