Dynamic Data Masking in Azure SQL Database

Ron Matchoro writes on the Azure Blog today:

We are excited to announce that this week we made Dynamic Data Masking available for preview on the new service version of SQL Database (V12). Dynamic Data Masking is a policy-based security feature that helps limit the exposure of data in a database by returning masked data to non-privileged users who run queries over designated database fields, like credit card numbers, without changing data on the database. Dynamic Data Masking joins a growing set of security features for SQL Database including Auditing and Row-Level Security that help customers protect their sensitive data and further meet industry compliance policies.

Tomer Fefer, the CTO of 10Bis, says “SQL Database Dynamic Data Masking is a great feature to speed up troubleshooting by letting us grant temporary access to developers on production environments without compromising sensitive data in the underlying databases and it can also help to minimize the efforts of masking sensitive data in our Application GUI. It’s real-time, a money saver, and dynamic data masking policy can easily be created using the Azure Management Portal.”

The introduction of this feature helps address the concern for customers who store customer or PII data in Azure SQL Database and want to limit the exposure of this data from non-privileged application users or from developers that run SQL queries on production environments for troubleshooting purposes. Dynamic Data Masking policies can be managed from the Azure Management Portal, New Azure Portal or via standard APIs. With an intuitive configuration interface, it is very easy to have a Dynamic Data Masking policy up and running on your database within minutes.
