Another great security feature is presented in version SQL Server 2016. Dynamic data masking limits sensitive data exposure by masking it to users with low-level privileges. Sometimes you will need to expose some elements from the data, but with built-in elements of preventing unauthorized access. Let's look at the following example: a user will execute SELECT
, but unauthorized elements are hidden-masked:
ID | FirstName | LastName | PhoneNumber | EmailAddress | CreditCardNumber |
1 | Jasmin | Azemović | +387- xxxxxx | xxxx-xxxx-xxxx-1111 | |
2 | Denis | Musić | +387- xxxxxx | xxxx-xxxx-xxxx-2222 | |
3 | Edward | Snowden | +387- xxxxxx | xxxx-xxxx-xxxx-3333 | |
4 | Julian | Assange | +387- xxxxxx | xxxx-xxxx-xxxx-4444 |
This feature can be implemented without affecting or modifying any existing SQL or application code.
Let's see how it works:
-- You will use content of AdventureWorks sample database1> USE AdventureWorks2> GO-- Add masked future to the Email column1> ALTER TABLE Person.EmailAddress...