SlideShare a Scribd company logo

Dynamic data masking sql server 2016

Antonios Chatzipavlis
Antonios Chatzipavlis

Dynamic data masking sql server 2016

Data & Analytics
1 of 32
Download to read offline
Dynamic Data Masking in SQL Server 2016
SQLschool.gr Team Antonios Chatzipavlis SQL Server Evangelist • Trainer Vassilis Ioannidis SQL Server Expert • Trainer Fivi Panopoulou System Engineer • Speaker Sotiris Karras System Engineer • Speaker
Followus insocialmedia @sqlschool / @panfivi fb/sqlschoolgr yt/c/SqlschoolGr SQL School Greece group
Helpneeded? help@sqlschool.gr
DynamicDataMasking
Presentation Content  Introducing Dynamic Data Masking  Using Dynamic Data Masking  DDM on Azure  Some points to keep
Introducing Dynamic Data Masking
• Protect sensitive data and personally identifiable information • Regulatory Compliance • Expose sensitive data only on a need-to-know basis • Custom obfuscation in application, views or third party solutions are used to address this need The Need
Dynamic Data Masking in SQL Server 2016 • Built-in feature for SQL Server 2016 and Azure SQL DB • Data masked on the fly when queried, underlying data do not change • Control on how the data appear in the result set  Dynamic data masking is a data protection feature that masks the sensitive data in the result set of a query over chosen database fields
• Protects against unauthorized disclosure of sensitive data in the application • Very simple to configure and use • Does not require changes in application code • Centralized masking logic Benefits
• “Dynamic data masking does not aim to prevent database users from connecting directly to the database and running exhaustive queries that expose pieces of the sensitive data” • It is not a method for physical data encryption • It is complementary to other SQL Server security features Keep in mind
Using Dynamic Data Masking  Steps  Masking Functions  Permissions  System view information
• Decide which columns need to be masked • Choose the masking function that best fits your needs for each column • Alter columns to add the masking rules • The underlying data is unaffected • Designate which users should see masked data and configure the permissions. Steps
Default Masking Functions Data Type Family Masked Data String XXXX Numeric 0 Date and Time 01.01.1900 00:00:00.0000000 Binary 0 ALTER COLUMN ColumnName ADD MASKED WITH (FUNCTION = 'default()') Full masking according to the data types of the designated fields.
Email Masking Functions ALTER COLUMN ColumnName ADD MASKED WITH (FUNCTION = ‘email()') Exposes the first letter of an email address and the constant suffix ".com", in the form of an email address. aXXX@XXXX.com
Random Masking Functions ALTER COLUMN ColumnName ADD MASKED WITH (FUNCTION = 'random([start range], [end range])') A random masking function for use on any numeric type to mask the original value with a random value within a specified range.
Custom String (Partial) Masking Functions ALTER COLUMN ColumnName ADD MASKED WITH (FUNCTION = ‘partial(prefix,[padding],suffix)’ Exposes the first and last letters and adds a custom padding string in the middle • Phone: partial(4,”XXXXXXXXXXX”,0) • Credit Card: partial(0,”XXXX-XXXX-XXXX-”,4) • Email: partial(1,”xxxx@xxxx.”,2)
• To retrieve the original data the user must have the UNMASK permission • To add, replace, remove masking of existing columns ALTER ANY MASK permission • The CONTROL permission on the database includes both the ALTER ANY MASK and UNMASK permission ! Users without UNMASK but with UPDATE permission can still update data. Permissions
system view to query for table-columns that have a dynamic data masking function applied to them • Simlar to sys.columns view • is_masked • masking_function sys.masked_columns
Dynamic Data Masking in Action
DDM on Azure
Azure Set up DDM using Azure Portal • Define users excluded from masking • Define Masking rules • Designated fields and masking functions for each one There is a recommendations engine that proposes potentially sensitive fields to mask
Azure Default Full Masking according to the datatypes Credit card XXXX-XXXX-XXXX-1234 Social Security number XXX-XX-1234 Email aXX@XXXX.com Random Number Random number between selected boundaries Custom Text Prefix, Padding String, Suffix
Some points to keep  Limitations and Restrictions  Considerations  Performance
• Not compatible with Always Encrypted columns • Not compatible with File Stream • Not compatible with Column set • A column with data masking cannot be a key for a FULLTEXT index. • Masking rule cannot be defined on a computed column Limitations and Restrictions
• Dynamic Data Masking is applied when running SQL Server Import and Export • Dynamic Data Masking is applied when using SELECT INTO or INSERT INTO to copy data from a masked column • Be careful with updates Considerations
Minimal Performance Impact Data masking is performed right before the data is returned. Performance SELECT * FROM Person.EmailAddress;
S E L E C T K N O W L E D G E F R O M S Q L S E R V E R Copyright © 2015 SQLschool.gr. All right reserved. PRESENTER MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION

Recommended

Row-level security and Dynamic Data Masking
Row-level security and Dynamic Data MaskingRow-level security and Dynamic Data Masking
Row-level security and Dynamic Data MaskingSolidQ
 
Oracle Data Redaction
Oracle Data RedactionOracle Data Redaction
Oracle Data RedactionAlex Zaballa
 
Oracle Data Masking
Oracle Data MaskingOracle Data Masking
Oracle Data MaskingInprise Group
 
RDBMS vs NoSQL
RDBMS vs NoSQLRDBMS vs NoSQL
RDBMS vs NoSQLMurat Çakal
 
Cloud Data Warehousing presentation by Rogier Werschkull, including tips, bes...
Cloud Data Warehousing presentation by Rogier Werschkull, including tips, bes...Cloud Data Warehousing presentation by Rogier Werschkull, including tips, bes...
Cloud Data Warehousing presentation by Rogier Werschkull, including tips, bes...Patrick Van Renterghem
 
Building a Modern Data Platform in the Cloud
Building a Modern Data Platform in the CloudBuilding a Modern Data Platform in the Cloud
Building a Modern Data Platform in the CloudAmazon Web Services
 
5 Steps for Architecting a Data Lake
5 Steps for Architecting a Data Lake5 Steps for Architecting a Data Lake
5 Steps for Architecting a Data LakeMetroStar
 
Databricks Fundamentals
Databricks FundamentalsDatabricks Fundamentals
Databricks FundamentalsDalibor Wijas
 

Recommended

Row-level security and Dynamic Data Masking
Row-level security and Dynamic Data MaskingRow-level security and Dynamic Data Masking
Row-level security and Dynamic Data MaskingSolidQ
 
Oracle Data Redaction
Oracle Data RedactionOracle Data Redaction
Oracle Data RedactionAlex Zaballa
 
Oracle Data Masking
Oracle Data MaskingOracle Data Masking
Oracle Data MaskingInprise Group
 
RDBMS vs NoSQL
RDBMS vs NoSQLRDBMS vs NoSQL
RDBMS vs NoSQLMurat Çakal
 
Cloud Data Warehousing presentation by Rogier Werschkull, including tips, bes...
Cloud Data Warehousing presentation by Rogier Werschkull, including tips, bes...Cloud Data Warehousing presentation by Rogier Werschkull, including tips, bes...
Cloud Data Warehousing presentation by Rogier Werschkull, including tips, bes...Patrick Van Renterghem
 
Building a Modern Data Platform in the Cloud
Building a Modern Data Platform in the CloudBuilding a Modern Data Platform in the Cloud
Building a Modern Data Platform in the CloudAmazon Web Services
 
5 Steps for Architecting a Data Lake
5 Steps for Architecting a Data Lake5 Steps for Architecting a Data Lake
5 Steps for Architecting a Data LakeMetroStar
 
Databricks Fundamentals
Databricks FundamentalsDatabricks Fundamentals
Databricks FundamentalsDalibor Wijas
 
Deep Dive on Amazon Redshift
Deep Dive on Amazon RedshiftDeep Dive on Amazon Redshift
Deep Dive on Amazon RedshiftAmazon Web Services
 
How to build a successful Data Lake
How to build a successful Data LakeHow to build a successful Data Lake
How to build a successful Data LakeDataWorks Summit/Hadoop Summit
 
MariaDB 10: The Complete Tutorial
MariaDB 10: The Complete TutorialMariaDB 10: The Complete Tutorial
MariaDB 10: The Complete TutorialColin Charles
 
How to Take Advantage of Optimizer Improvements in MySQL 8.0
How to Take Advantage of Optimizer Improvements in MySQL 8.0How to Take Advantage of Optimizer Improvements in MySQL 8.0
How to Take Advantage of Optimizer Improvements in MySQL 8.0Norvald Ryeng
 
Sql injection
Sql injectionSql injection
Sql injectionNuruzzaman Milon
 
Learn to Use Databricks for Data Science
Learn to Use Databricks for Data ScienceLearn to Use Databricks for Data Science
Learn to Use Databricks for Data ScienceDatabricks
 
Delta Lake: Optimizing Merge
Delta Lake: Optimizing MergeDelta Lake: Optimizing Merge
Delta Lake: Optimizing MergeDatabricks
 
SQL vs. NoSQL Databases
SQL vs. NoSQL DatabasesSQL vs. NoSQL Databases
SQL vs. NoSQL DatabasesOsama Jomaa
 
Big data architectures and the data lake
Big data architectures and the data lakeBig data architectures and the data lake
Big data architectures and the data lakeJames Serra
 
Traditional data warehouse vs data lake
Traditional data warehouse vs data lakeTraditional data warehouse vs data lake
Traditional data warehouse vs data lakeBHASKAR CHAUDHURY
 
DOAG Oracle Database Vault
DOAG Oracle Database VaultDOAG Oracle Database Vault
DOAG Oracle Database VaultStefan Oehrli
 
OER Unit 4 Virtual Private Database
OER Unit 4 Virtual Private DatabaseOER Unit 4 Virtual Private Database
OER Unit 4 Virtual Private DatabaseGirija Muscut
 
Data Engineer's Lunch #54: dbt and Spark
Data Engineer's Lunch #54: dbt and SparkData Engineer's Lunch #54: dbt and Spark
Data Engineer's Lunch #54: dbt and SparkAnant Corporation
 
Introduction to SQL
Introduction to SQLIntroduction to SQL
Introduction to SQLRam Kedem
 
JSON Data Modeling in Document Database
JSON Data Modeling in Document DatabaseJSON Data Modeling in Document Database
JSON Data Modeling in Document DatabaseDATAVERSITY
 
Introduction to Data Engineering
Introduction to Data EngineeringIntroduction to Data Engineering
Introduction to Data EngineeringDurga Gadiraju
 
Efficient Spark Analytics on Encrypted Data with Gidon Gershinsky
Efficient Spark Analytics on Encrypted Data with Gidon Gershinsky Efficient Spark Analytics on Encrypted Data with Gidon Gershinsky
Efficient Spark Analytics on Encrypted Data with Gidon GershinskyDatabricks
 
Wallchart - Data Warehouse Documentation Roadmap
Wallchart - Data Warehouse Documentation RoadmapWallchart - Data Warehouse Documentation Roadmap
Wallchart - Data Warehouse Documentation RoadmapDavid Walker
 
Emerging Trends in Data Architecture – What’s the Next Big Thing
Emerging Trends in Data Architecture – What’s the Next Big ThingEmerging Trends in Data Architecture – What’s the Next Big Thing
Emerging Trends in Data Architecture – What’s the Next Big ThingDATAVERSITY
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security PresentationFrancisco Alvarez
 
Row level security
Row level securityRow level security
Row level securityAntonios Chatzipavlis
 
Introduction to Azure Data Lake
Introduction to Azure Data LakeIntroduction to Azure Data Lake
Introduction to Azure Data LakeAntonios Chatzipavlis
 

More Related Content

What's hot

MariaDB 10: The Complete Tutorial
MariaDB 10: The Complete TutorialMariaDB 10: The Complete Tutorial
MariaDB 10: The Complete TutorialColin Charles
 
How to Take Advantage of Optimizer Improvements in MySQL 8.0
How to Take Advantage of Optimizer Improvements in MySQL 8.0How to Take Advantage of Optimizer Improvements in MySQL 8.0
How to Take Advantage of Optimizer Improvements in MySQL 8.0Norvald Ryeng
 
Learn to Use Databricks for Data Science
Learn to Use Databricks for Data ScienceLearn to Use Databricks for Data Science
Learn to Use Databricks for Data ScienceDatabricks
 
Delta Lake: Optimizing Merge
Delta Lake: Optimizing MergeDelta Lake: Optimizing Merge
Delta Lake: Optimizing MergeDatabricks
 
SQL vs. NoSQL Databases
SQL vs. NoSQL DatabasesSQL vs. NoSQL Databases
SQL vs. NoSQL DatabasesOsama Jomaa
 
Big data architectures and the data lake
Big data architectures and the data lakeBig data architectures and the data lake
Big data architectures and the data lakeJames Serra
 
Traditional data warehouse vs data lake
Traditional data warehouse vs data lakeTraditional data warehouse vs data lake
Traditional data warehouse vs data lakeBHASKAR CHAUDHURY
 
DOAG Oracle Database Vault
DOAG Oracle Database VaultDOAG Oracle Database Vault
DOAG Oracle Database VaultStefan Oehrli
 
OER Unit 4 Virtual Private Database
OER Unit 4 Virtual Private DatabaseOER Unit 4 Virtual Private Database
OER Unit 4 Virtual Private DatabaseGirija Muscut
 
Data Engineer's Lunch #54: dbt and Spark
Data Engineer's Lunch #54: dbt and SparkData Engineer's Lunch #54: dbt and Spark
Data Engineer's Lunch #54: dbt and SparkAnant Corporation
 
Introduction to SQL
Introduction to SQLIntroduction to SQL
Introduction to SQLRam Kedem
 
JSON Data Modeling in Document Database
JSON Data Modeling in Document DatabaseJSON Data Modeling in Document Database
JSON Data Modeling in Document DatabaseDATAVERSITY
 
Introduction to Data Engineering
Introduction to Data EngineeringIntroduction to Data Engineering
Introduction to Data EngineeringDurga Gadiraju
 
Efficient Spark Analytics on Encrypted Data with Gidon Gershinsky
Efficient Spark Analytics on Encrypted Data with Gidon Gershinsky Efficient Spark Analytics on Encrypted Data with Gidon Gershinsky
Efficient Spark Analytics on Encrypted Data with Gidon GershinskyDatabricks
 
Wallchart - Data Warehouse Documentation Roadmap
Wallchart - Data Warehouse Documentation RoadmapWallchart - Data Warehouse Documentation Roadmap
Wallchart - Data Warehouse Documentation RoadmapDavid Walker
 
Emerging Trends in Data Architecture – What’s the Next Big Thing
Emerging Trends in Data Architecture – What’s the Next Big ThingEmerging Trends in Data Architecture – What’s the Next Big Thing
Emerging Trends in Data Architecture – What’s the Next Big ThingDATAVERSITY
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security PresentationFrancisco Alvarez
 

What's hot (20)

Deep Dive on Amazon Redshift
Deep Dive on Amazon RedshiftDeep Dive on Amazon Redshift
Deep Dive on Amazon Redshift
 
How to build a successful Data Lake
How to build a successful Data LakeHow to build a successful Data Lake
How to build a successful Data Lake
 
MariaDB 10: The Complete Tutorial
MariaDB 10: The Complete TutorialMariaDB 10: The Complete Tutorial
MariaDB 10: The Complete Tutorial
 
How to Take Advantage of Optimizer Improvements in MySQL 8.0
How to Take Advantage of Optimizer Improvements in MySQL 8.0How to Take Advantage of Optimizer Improvements in MySQL 8.0
How to Take Advantage of Optimizer Improvements in MySQL 8.0
 
Sql injection
Sql injectionSql injection
Sql injection
 
Learn to Use Databricks for Data Science
Learn to Use Databricks for Data ScienceLearn to Use Databricks for Data Science
Learn to Use Databricks for Data Science
 
Delta Lake: Optimizing Merge
Delta Lake: Optimizing MergeDelta Lake: Optimizing Merge
Delta Lake: Optimizing Merge
 
SQL vs. NoSQL Databases
SQL vs. NoSQL DatabasesSQL vs. NoSQL Databases
SQL vs. NoSQL Databases
 
Big data architectures and the data lake
Big data architectures and the data lakeBig data architectures and the data lake
Big data architectures and the data lake
 
Traditional data warehouse vs data lake
Traditional data warehouse vs data lakeTraditional data warehouse vs data lake
Traditional data warehouse vs data lake
 
DOAG Oracle Database Vault
DOAG Oracle Database VaultDOAG Oracle Database Vault
DOAG Oracle Database Vault
 
OER Unit 4 Virtual Private Database
OER Unit 4 Virtual Private DatabaseOER Unit 4 Virtual Private Database
OER Unit 4 Virtual Private Database
 
Data Engineer's Lunch #54: dbt and Spark
Data Engineer's Lunch #54: dbt and SparkData Engineer's Lunch #54: dbt and Spark
Data Engineer's Lunch #54: dbt and Spark
 
Introduction to SQL
Introduction to SQLIntroduction to SQL
Introduction to SQL
 
JSON Data Modeling in Document Database
JSON Data Modeling in Document DatabaseJSON Data Modeling in Document Database
JSON Data Modeling in Document Database
 
Introduction to Data Engineering
Introduction to Data EngineeringIntroduction to Data Engineering
Introduction to Data Engineering
 
Efficient Spark Analytics on Encrypted Data with Gidon Gershinsky
Efficient Spark Analytics on Encrypted Data with Gidon Gershinsky Efficient Spark Analytics on Encrypted Data with Gidon Gershinsky
Efficient Spark Analytics on Encrypted Data with Gidon Gershinsky
 
Wallchart - Data Warehouse Documentation Roadmap
Wallchart - Data Warehouse Documentation RoadmapWallchart - Data Warehouse Documentation Roadmap
Wallchart - Data Warehouse Documentation Roadmap
 
Emerging Trends in Data Architecture – What’s the Next Big Thing
Emerging Trends in Data Architecture – What’s the Next Big ThingEmerging Trends in Data Architecture – What’s the Next Big Thing
Emerging Trends in Data Architecture – What’s the Next Big Thing
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security Presentation
 

Viewers also liked

Live Query Statistics & Query Store in SQL Server 2016
Live Query Statistics & Query Store in SQL Server 2016Live Query Statistics & Query Store in SQL Server 2016
Live Query Statistics & Query Store in SQL Server 2016Antonios Chatzipavlis
 
Introduction to sql database on azure
Introduction to sql database on azureIntroduction to sql database on azure
Introduction to sql database on azureAntonios Chatzipavlis
 
Introduction to Machine Learning on Azure
Introduction to Machine Learning on AzureIntroduction to Machine Learning on Azure
Introduction to Machine Learning on AzureAntonios Chatzipavlis
 

Viewers also liked (10)

Row level security
Row level securityRow level security
Row level security
 
Introduction to Azure Data Lake
Introduction to Azure Data LakeIntroduction to Azure Data Lake
Introduction to Azure Data Lake
 
Exploring sql server 2016
Exploring sql server 2016Exploring sql server 2016
Exploring sql server 2016
 
Live Query Statistics & Query Store in SQL Server 2016
Live Query Statistics & Query Store in SQL Server 2016Live Query Statistics & Query Store in SQL Server 2016
Live Query Statistics & Query Store in SQL Server 2016
 
Microsoft SQL Family and GDPR
Microsoft SQL Family and GDPRMicrosoft SQL Family and GDPR
Microsoft SQL Family and GDPR
 
Introduction to azure document db
Introduction to azure document dbIntroduction to azure document db
Introduction to azure document db
 
Introduction to sql database on azure
Introduction to sql database on azureIntroduction to sql database on azure
Introduction to sql database on azure
 
Exploring sql server 2016 bi
Exploring sql server 2016 biExploring sql server 2016 bi
Exploring sql server 2016 bi
 
Introduction to Machine Learning on Azure
Introduction to Machine Learning on AzureIntroduction to Machine Learning on Azure
Introduction to Machine Learning on Azure
 
Azure SQL Data Warehouse
Azure SQL Data Warehouse Azure SQL Data Warehouse
Azure SQL Data Warehouse
 

Similar to Dynamic data masking sql server 2016

Securing data and preventing data breaches
Securing data and preventing data breachesSecuring data and preventing data breaches
Securing data and preventing data breachesMariaDB plc
 
Asug84339 how to secure privacy data in a hybrid s4 hana landscape
Asug84339 how to secure privacy data in a hybrid s4 hana landscapeAsug84339 how to secure privacy data in a hybrid s4 hana landscape
Asug84339 how to secure privacy data in a hybrid s4 hana landscapeDharma Atluri
 
Percona Live Europe 2018: What's New in MySQL 8.0 Security
Percona Live Europe 2018: What's New in MySQL 8.0 SecurityPercona Live Europe 2018: What's New in MySQL 8.0 Security
Percona Live Europe 2018: What's New in MySQL 8.0 SecurityGeorgi Kodinov
 
Data Redaction - OTN TOUR LA 2015
Data Redaction - OTN TOUR LA 2015 Data Redaction - OTN TOUR LA 2015
Data Redaction - OTN TOUR LA 2015 Alex Zaballa
 
Oracle Data Redaction
Oracle Data RedactionOracle Data Redaction
Oracle Data RedactionAlex Zaballa
 
Using SSRS Reports with SSAS Cubes
Using SSRS Reports with SSAS CubesUsing SSRS Reports with SSAS Cubes
Using SSRS Reports with SSAS CubesCode Mastery
 
How Clean is your Database? Data Scrubbing for all Skill Sets
How Clean is your Database? Data Scrubbing for all Skill SetsHow Clean is your Database? Data Scrubbing for all Skill Sets
How Clean is your Database? Data Scrubbing for all Skill SetsChad Petrovay
 
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)Sam Bowne
 
CloneTab Advanced DataScrambling.pptx
CloneTab Advanced DataScrambling.pptxCloneTab Advanced DataScrambling.pptx
CloneTab Advanced DataScrambling.pptxCLONETAB
 
Cloud computing-security-from-single-to-multiple-140211071429-phpapp01
Cloud computing-security-from-single-to-multiple-140211071429-phpapp01Cloud computing-security-from-single-to-multiple-140211071429-phpapp01
Cloud computing-security-from-single-to-multiple-140211071429-phpapp01Shivananda Rai
 
World2016_T5_S5_SQLServerFunctionalOverview
World2016_T5_S5_SQLServerFunctionalOverviewWorld2016_T5_S5_SQLServerFunctionalOverview
World2016_T5_S5_SQLServerFunctionalOverviewFarah Omer
 
Cloud computing security from single to multiple
Cloud computing security from single to multipleCloud computing security from single to multiple
Cloud computing security from single to multipleKiran Kumar
 
Microsoft Sentinel Deployment V1.pptx
Microsoft Sentinel Deployment V1.pptxMicrosoft Sentinel Deployment V1.pptx
Microsoft Sentinel Deployment V1.pptxsaadatali65
 
Common Data Service – A Business Database!
Common Data Service – A Business Database!Common Data Service – A Business Database!
Common Data Service – A Business Database!Pedro Azevedo
 
Enterprise-class security with PostgreSQL - 1
Enterprise-class security with PostgreSQL - 1Enterprise-class security with PostgreSQL - 1
Enterprise-class security with PostgreSQL - 1Ashnikbiz
 
Oracle Database 12c - Data Redaction
Oracle Database 12c - Data RedactionOracle Database 12c - Data Redaction
Oracle Database 12c - Data RedactionAlex Zaballa
 
Ch 9 Attacking Data Stores (Part 2)
Ch 9 Attacking Data Stores (Part 2)Ch 9 Attacking Data Stores (Part 2)
Ch 9 Attacking Data Stores (Part 2)Sam Bowne
 

Similar to Dynamic data masking sql server 2016 (20)

Securing data and preventing data breaches
Securing data and preventing data breachesSecuring data and preventing data breaches
Securing data and preventing data breaches
 
Asug84339 how to secure privacy data in a hybrid s4 hana landscape
Asug84339 how to secure privacy data in a hybrid s4 hana landscapeAsug84339 how to secure privacy data in a hybrid s4 hana landscape
Asug84339 how to secure privacy data in a hybrid s4 hana landscape
 
Percona Live Europe 2018: What's New in MySQL 8.0 Security
Percona Live Europe 2018: What's New in MySQL 8.0 SecurityPercona Live Europe 2018: What's New in MySQL 8.0 Security
Percona Live Europe 2018: What's New in MySQL 8.0 Security
 
Data Redaction - OTN TOUR LA 2015
Data Redaction - OTN TOUR LA 2015 Data Redaction - OTN TOUR LA 2015
Data Redaction - OTN TOUR LA 2015
 
Oracle Data Redaction
Oracle Data RedactionOracle Data Redaction
Oracle Data Redaction
 
Using SSRS Reports with SSAS Cubes
Using SSRS Reports with SSAS CubesUsing SSRS Reports with SSAS Cubes
Using SSRS Reports with SSAS Cubes
 
How Clean is your Database? Data Scrubbing for all Skill Sets
How Clean is your Database? Data Scrubbing for all Skill SetsHow Clean is your Database? Data Scrubbing for all Skill Sets
How Clean is your Database? Data Scrubbing for all Skill Sets
 
A to z for sql azure databases
A to z for sql azure databasesA to z for sql azure databases
A to z for sql azure databases
 
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
 
Stored procedure in sql server
Stored procedure in sql serverStored procedure in sql server
Stored procedure in sql server
 
CloneTab Advanced DataScrambling.pptx
CloneTab Advanced DataScrambling.pptxCloneTab Advanced DataScrambling.pptx
CloneTab Advanced DataScrambling.pptx
 
Cloud computing-security-from-single-to-multiple-140211071429-phpapp01
Cloud computing-security-from-single-to-multiple-140211071429-phpapp01Cloud computing-security-from-single-to-multiple-140211071429-phpapp01
Cloud computing-security-from-single-to-multiple-140211071429-phpapp01
 
World2016_T5_S5_SQLServerFunctionalOverview
World2016_T5_S5_SQLServerFunctionalOverviewWorld2016_T5_S5_SQLServerFunctionalOverview
World2016_T5_S5_SQLServerFunctionalOverview
 
Cloud computing security from single to multiple
Cloud computing security from single to multipleCloud computing security from single to multiple
Cloud computing security from single to multiple
 
Microsoft Sentinel Deployment V1.pptx
Microsoft Sentinel Deployment V1.pptxMicrosoft Sentinel Deployment V1.pptx
Microsoft Sentinel Deployment V1.pptx
 
Common Data Service – A Business Database!
Common Data Service – A Business Database!Common Data Service – A Business Database!
Common Data Service – A Business Database!
 
Enterprise-class security with PostgreSQL - 1
Enterprise-class security with PostgreSQL - 1Enterprise-class security with PostgreSQL - 1
Enterprise-class security with PostgreSQL - 1
 
Oracle Database 12c - Data Redaction
Oracle Database 12c - Data RedactionOracle Database 12c - Data Redaction
Oracle Database 12c - Data Redaction
 
Ch 9 Attacking Data Stores (Part 2)
Ch 9 Attacking Data Stores (Part 2)Ch 9 Attacking Data Stores (Part 2)
Ch 9 Attacking Data Stores (Part 2)
 
Striim_PPT yogesh.pptx
Striim_PPT yogesh.pptxStriim_PPT yogesh.pptx
Striim_PPT yogesh.pptx
 

More from Antonios Chatzipavlis

Workload Management in SQL Server 2019
Workload Management in SQL Server 2019Workload Management in SQL Server 2019
Workload Management in SQL Server 2019Antonios Chatzipavlis
 
Loading Data into Azure SQL DW (Synapse Analytics)
Loading Data into Azure SQL DW (Synapse Analytics)Loading Data into Azure SQL DW (Synapse Analytics)
Loading Data into Azure SQL DW (Synapse Analytics)Antonios Chatzipavlis
 
Building diagnostic queries using DMVs and DMFs
Building diagnostic queries using DMVs and DMFs Building diagnostic queries using DMVs and DMFs
Building diagnostic queries using DMVs and DMFs Antonios Chatzipavlis
 
Designing a modern data warehouse in azure
Designing a modern data warehouse in azure Designing a modern data warehouse in azure
Designing a modern data warehouse in azure Antonios Chatzipavlis
 
Modernizing your database with SQL Server 2019
Modernizing your database with SQL Server 2019Modernizing your database with SQL Server 2019
Modernizing your database with SQL Server 2019Antonios Chatzipavlis
 
Designing a modern data warehouse in azure
Designing a modern data warehouse in azure Designing a modern data warehouse in azure
Designing a modern data warehouse in azure Antonios Chatzipavlis
 
Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018
Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018 Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018
Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018 Antonios Chatzipavlis
 
Implementing Mobile Reports in SQL Sserver 2016 Reporting Services
Implementing Mobile Reports in SQL Sserver 2016 Reporting ServicesImplementing Mobile Reports in SQL Sserver 2016 Reporting Services
Implementing Mobile Reports in SQL Sserver 2016 Reporting ServicesAntonios Chatzipavlis
 

More from Antonios Chatzipavlis (20)

Data virtualization using polybase
Data virtualization using polybaseData virtualization using polybase
Data virtualization using polybase
 
SQL server Backup Restore Revealed
SQL server Backup Restore RevealedSQL server Backup Restore Revealed
SQL server Backup Restore Revealed
 
Migrate SQL Workloads to Azure
Migrate SQL Workloads to AzureMigrate SQL Workloads to Azure
Migrate SQL Workloads to Azure
 
Machine Learning in SQL Server 2019
Machine Learning in SQL Server 2019Machine Learning in SQL Server 2019
Machine Learning in SQL Server 2019
 
Workload Management in SQL Server 2019
Workload Management in SQL Server 2019Workload Management in SQL Server 2019
Workload Management in SQL Server 2019
 
Loading Data into Azure SQL DW (Synapse Analytics)
Loading Data into Azure SQL DW (Synapse Analytics)Loading Data into Azure SQL DW (Synapse Analytics)
Loading Data into Azure SQL DW (Synapse Analytics)
 
Introduction to DAX Language
Introduction to DAX LanguageIntroduction to DAX Language
Introduction to DAX Language
 
Building diagnostic queries using DMVs and DMFs
Building diagnostic queries using DMVs and DMFs Building diagnostic queries using DMVs and DMFs
Building diagnostic queries using DMVs and DMFs
 
Exploring T-SQL Anti-Patterns
Exploring T-SQL Anti-Patterns Exploring T-SQL Anti-Patterns
Exploring T-SQL Anti-Patterns
 
Designing a modern data warehouse in azure
Designing a modern data warehouse in azure Designing a modern data warehouse in azure
Designing a modern data warehouse in azure
 
Modernizing your database with SQL Server 2019
Modernizing your database with SQL Server 2019Modernizing your database with SQL Server 2019
Modernizing your database with SQL Server 2019
 
Designing a modern data warehouse in azure
Designing a modern data warehouse in azure Designing a modern data warehouse in azure
Designing a modern data warehouse in azure
 
SQLServer Database Structures
SQLServer Database Structures SQLServer Database Structures
SQLServer Database Structures
 
Sqlschool 2017 recap - 2018 plans
Sqlschool 2017 recap - 2018 plansSqlschool 2017 recap - 2018 plans
Sqlschool 2017 recap - 2018 plans
 
Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018
Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018 Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018
Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018
 
Statistics and Indexes Internals
Statistics and Indexes InternalsStatistics and Indexes Internals
Statistics and Indexes Internals
 
Implementing Mobile Reports in SQL Sserver 2016 Reporting Services
Implementing Mobile Reports in SQL Sserver 2016 Reporting ServicesImplementing Mobile Reports in SQL Sserver 2016 Reporting Services
Implementing Mobile Reports in SQL Sserver 2016 Reporting Services
 
Auditing Data Access in SQL Server
Auditing Data Access in SQL ServerAuditing Data Access in SQL Server
Auditing Data Access in SQL Server
 
Stretch db sql server 2016 (sn0028)
Stretch db sql server 2016 (sn0028)Stretch db sql server 2016 (sn0028)
Stretch db sql server 2016 (sn0028)
 
Troubleshooting sql server
Troubleshooting sql serverTroubleshooting sql server
Troubleshooting sql server
 

Recently uploaded

Identifying Appropriate Test Statistics Involving Population Mean
Identifying Appropriate Test Statistics Involving Population MeanIdentifying Appropriate Test Statistics Involving Population Mean
Identifying Appropriate Test Statistics Involving Population MeanMYRABACSAFRA2
 
GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]📊 Markus Baersch
 
From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...Florian Roscheck
 
办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一
办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一
办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一F sss
 
RABBIT: A CLI tool for identifying bots based on their GitHub events.
RABBIT: A CLI tool for identifying bots based on their GitHub events.RABBIT: A CLI tool for identifying bots based on their GitHub events.
RABBIT: A CLI tool for identifying bots based on their GitHub events.natarajan8993
 
MK KOMUNIKASI DATA (TI)komdat komdat.docx
MK KOMUNIKASI DATA (TI)komdat komdat.docxMK KOMUNIKASI DATA (TI)komdat komdat.docx
MK KOMUNIKASI DATA (TI)komdat komdat.docxUnduhUnggah1
 
IMA MSN - Medical Students Network (2).pptx
IMA MSN - Medical Students Network (2).pptxIMA MSN - Medical Students Network (2).pptx
IMA MSN - Medical Students Network (2).pptxdolaknnilon
 
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样vhwb25kk
 
Call Girls In Dwarka 9654467111 Escorts Service
Call Girls In Dwarka 9654467111 Escorts ServiceCall Girls In Dwarka 9654467111 Escorts Service
Call Girls In Dwarka 9654467111 Escorts ServiceSapana Sha
 
How we prevented account sharing with MFA
How we prevented account sharing with MFAHow we prevented account sharing with MFA
How we prevented account sharing with MFAAndrei Kaleshka
 
Multiple time frame trading analysis -brianshannon.pdf
Multiple time frame trading analysis -brianshannon.pdfMultiple time frame trading analysis -brianshannon.pdf
Multiple time frame trading analysis -brianshannon.pdfchwongval
 
Predicting Salary Using Data Science: A Comprehensive Analysis.pdf
Predicting Salary Using Data Science: A Comprehensive Analysis.pdfPredicting Salary Using Data Science: A Comprehensive Analysis.pdf
Predicting Salary Using Data Science: A Comprehensive Analysis.pdfBoston Institute of Analytics
 
Easter Eggs From Star Wars and in cars 1 and 2
Easter Eggs From Star Wars and in cars 1 and 2Easter Eggs From Star Wars and in cars 1 and 2
Easter Eggs From Star Wars and in cars 1 and 217djon017
 
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...limedy534
 
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024thyngster
 
Top 5 Best Data Analytics Courses In Queens
Top 5 Best Data Analytics Courses In QueensTop 5 Best Data Analytics Courses In Queens
Top 5 Best Data Analytics Courses In Queensdataanalyticsqueen03
 
RS 9000 Call In girls Dwarka Mor (DELHI)⇛9711147426🔝Delhi
RS 9000 Call In girls Dwarka Mor (DELHI)⇛9711147426🔝DelhiRS 9000 Call In girls Dwarka Mor (DELHI)⇛9711147426🔝Delhi
RS 9000 Call In girls Dwarka Mor (DELHI)⇛9711147426🔝Delhijennyeacort
 
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档208367051
 
Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)
Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)
Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)jennyeacort
 
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...Sapana Sha
 

Recently uploaded (20)

Identifying Appropriate Test Statistics Involving Population Mean
Identifying Appropriate Test Statistics Involving Population MeanIdentifying Appropriate Test Statistics Involving Population Mean
Identifying Appropriate Test Statistics Involving Population Mean
 
GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]
 
From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...
 
办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一
办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一
办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一
 
RABBIT: A CLI tool for identifying bots based on their GitHub events.
RABBIT: A CLI tool for identifying bots based on their GitHub events.RABBIT: A CLI tool for identifying bots based on their GitHub events.
RABBIT: A CLI tool for identifying bots based on their GitHub events.
 
MK KOMUNIKASI DATA (TI)komdat komdat.docx
MK KOMUNIKASI DATA (TI)komdat komdat.docxMK KOMUNIKASI DATA (TI)komdat komdat.docx
MK KOMUNIKASI DATA (TI)komdat komdat.docx
 
IMA MSN - Medical Students Network (2).pptx
IMA MSN - Medical Students Network (2).pptxIMA MSN - Medical Students Network (2).pptx
IMA MSN - Medical Students Network (2).pptx
 
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
 
Call Girls In Dwarka 9654467111 Escorts Service
Call Girls In Dwarka 9654467111 Escorts ServiceCall Girls In Dwarka 9654467111 Escorts Service
Call Girls In Dwarka 9654467111 Escorts Service
 
How we prevented account sharing with MFA
How we prevented account sharing with MFAHow we prevented account sharing with MFA
How we prevented account sharing with MFA
 
Multiple time frame trading analysis -brianshannon.pdf
Multiple time frame trading analysis -brianshannon.pdfMultiple time frame trading analysis -brianshannon.pdf
Multiple time frame trading analysis -brianshannon.pdf
 
Predicting Salary Using Data Science: A Comprehensive Analysis.pdf
Predicting Salary Using Data Science: A Comprehensive Analysis.pdfPredicting Salary Using Data Science: A Comprehensive Analysis.pdf
Predicting Salary Using Data Science: A Comprehensive Analysis.pdf
 
Easter Eggs From Star Wars and in cars 1 and 2
Easter Eggs From Star Wars and in cars 1 and 2Easter Eggs From Star Wars and in cars 1 and 2
Easter Eggs From Star Wars and in cars 1 and 2
 
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
 
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
 
Top 5 Best Data Analytics Courses In Queens
Top 5 Best Data Analytics Courses In QueensTop 5 Best Data Analytics Courses In Queens
Top 5 Best Data Analytics Courses In Queens
 
RS 9000 Call In girls Dwarka Mor (DELHI)⇛9711147426🔝Delhi
RS 9000 Call In girls Dwarka Mor (DELHI)⇛9711147426🔝DelhiRS 9000 Call In girls Dwarka Mor (DELHI)⇛9711147426🔝Delhi
RS 9000 Call In girls Dwarka Mor (DELHI)⇛9711147426🔝Delhi
 
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
 
Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)
Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)
Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)
 
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
 

Dynamic data masking sql server 2016

  • 1.
  • 3. SQLschool.gr Team Antonios Chatzipavlis SQL Server Evangelist • Trainer Vassilis Ioannidis SQL Server Expert • Trainer Fivi Panopoulou System Engineer • Speaker Sotiris Karras System Engineer • Speaker
  • 7. Presentation Content  Introducing Dynamic Data Masking  Using Dynamic Data Masking  DDM on Azure  Some points to keep
  • 9. • Protect sensitive data and personally identifiable information • Regulatory Compliance • Expose sensitive data only on a need-to-know basis • Custom obfuscation in application, views or third party solutions are used to address this need The Need
  • 10. Dynamic Data Masking in SQL Server 2016 • Built-in feature for SQL Server 2016 and Azure SQL DB • Data masked on the fly when queried, underlying data do not change • Control on how the data appear in the result set  Dynamic data masking is a data protection feature that masks the sensitive data in the result set of a query over chosen database fields
  • 11. • Protects against unauthorized disclosure of sensitive data in the application • Very simple to configure and use • Does not require changes in application code • Centralized masking logic Benefits
  • 12. • “Dynamic data masking does not aim to prevent database users from connecting directly to the database and running exhaustive queries that expose pieces of the sensitive data” • It is not a method for physical data encryption • It is complementary to other SQL Server security features Keep in mind
  • 13. Using Dynamic Data Masking  Steps  Masking Functions  Permissions  System view information
  • 14.
  • 15. • Decide which columns need to be masked • Choose the masking function that best fits your needs for each column • Alter columns to add the masking rules • The underlying data is unaffected • Designate which users should see masked data and configure the permissions. Steps
  • 16. Default Masking Functions Data Type Family Masked Data String XXXX Numeric 0 Date and Time 01.01.1900 00:00:00.0000000 Binary 0 ALTER COLUMN ColumnName ADD MASKED WITH (FUNCTION = 'default()') Full masking according to the data types of the designated fields.
  • 17. Email Masking Functions ALTER COLUMN ColumnName ADD MASKED WITH (FUNCTION = ‘email()') Exposes the first letter of an email address and the constant suffix ".com", in the form of an email address. aXXX@XXXX.com
  • 18. Random Masking Functions ALTER COLUMN ColumnName ADD MASKED WITH (FUNCTION = 'random([start range], [end range])') A random masking function for use on any numeric type to mask the original value with a random value within a specified range.
  • 19. Custom String (Partial) Masking Functions ALTER COLUMN ColumnName ADD MASKED WITH (FUNCTION = ‘partial(prefix,[padding],suffix)’ Exposes the first and last letters and adds a custom padding string in the middle • Phone: partial(4,”XXXXXXXXXXX”,0) • Credit Card: partial(0,”XXXX-XXXX-XXXX-”,4) • Email: partial(1,”xxxx@xxxx.”,2)
  • 20. • To retrieve the original data the user must have the UNMASK permission • To add, replace, remove masking of existing columns ALTER ANY MASK permission • The CONTROL permission on the database includes both the ALTER ANY MASK and UNMASK permission ! Users without UNMASK but with UPDATE permission can still update data. Permissions
  • 21. system view to query for table-columns that have a dynamic data masking function applied to them • Simlar to sys.columns view • is_masked • masking_function sys.masked_columns
  • 22. Dynamic Data Masking in Action
  • 24. Azure Set up DDM using Azure Portal • Define users excluded from masking • Define Masking rules • Designated fields and masking functions for each one There is a recommendations engine that proposes potentially sensitive fields to mask
  • 25. Azure Default Full Masking according to the datatypes Credit card XXXX-XXXX-XXXX-1234 Social Security number XXX-XX-1234 Email aXX@XXXX.com Random Number Random number between selected boundaries Custom Text Prefix, Padding String, Suffix
  • 26. Some points to keep  Limitations and Restrictions  Considerations  Performance
  • 27. • Not compatible with Always Encrypted columns • Not compatible with File Stream • Not compatible with Column set • A column with data masking cannot be a key for a FULLTEXT index. • Masking rule cannot be defined on a computed column Limitations and Restrictions
  • 28. • Dynamic Data Masking is applied when running SQL Server Import and Export • Dynamic Data Masking is applied when using SELECT INTO or INSERT INTO to copy data from a masked column • Be careful with updates Considerations
  • 29. Minimal Performance Impact Data masking is performed right before the data is returned. Performance SELECT * FROM Person.EmailAddress;
  • 30.
  • 31.
  • 32. S E L E C T K N O W L E D G E F R O M S Q L S E R V E R Copyright © 2015 SQLschool.gr. All right reserved. PRESENTER MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION