Microsoft Strengthens Data Privacy With SQL Server 2016
The Dynamic Data Masking feature in SQL Server 2016 offers businesses another layer of database security.In the run up to this year's SQL Server 2016 launch, Microsoft is touting the database software's new privacy-enhancing capabilities. SQL Server 2016 represents a step up in terms of database security. In addition to Always Encrypted technology from Microsoft Research, which allows SQL Server to perform operations on encrypted data, the upcoming release of the database also enhances data privacy courtesy of a new Dynamic Data Masking (DDM) feature that can be used to hide sensitive information from prying eyes. Dynamic Data Masking was incorporated into Azure SQL Database in November. Ronit Reger, senior program manager for Microsoft SQL Data Security, claimed in a Jan. 25 blog post that Dynamic Data Masking not only improves data security and privacy, but it can also simplify database management. "Traditionally, the logic of obfuscating sensitive data has been developed in the application layer, requiring it to be duplicated across all modules and applications accessing the data," wrote Reger. "Alternatively, special views have been created to avoid exposure of these sensitive data pieces on the database itself, although these can impact database operations and are susceptible to errors."
In SQL Server 2016, Dynamic Data Masking is built-in, limiting access to data fields that contain sensitive information. By applying rules on select columns, database administrators can configure how data in those columns appear when queried. Instructions and examples are available in this SQL Server Blog post.