Dynamic Data Masking (DDM) is a new security feature in Microsoft SQL Server and Azure SQL DB. The main documentation is here (also see link under Resources at end). This post was a quick how-to intro to DDM, including applying it in a database and managing which principals see masked or Unmasked data. I ' ll also answer a few questions that commonly come up.
What is DDM?
Picture this scenario. You had a database table which storessensitive data, such as Social Security numbers, in the clear (unencrypted). Anyone with appropriate access can runselect *against This table and see all the sensitive data.
This becomes a concern in organizations where production data are periodically restored into development, test, and/or stag ing environments. Developers, testers, and other people need to work with the data, but has visibility to sensitive data. This was clearly concerning (and may be unlawful in some jurisdictions). How does we give these roles the data they need, while protecting sensitive data?
Read the entire article here, Get started with Dynamic Data masking in SQL Server and Azure SQL DB Patrick's Azure Bl og
Via the fine folks at Microsoft
Microsoft:get started with the Dynamic Data masking in SQL Server and Azure SQL