In the run-up to this year’s SQL Server 2016 launch, Microsoft is touting the database software’s new privacy-enhancing capabilities.
SQL Server 2016 represents a step up in terms of database security. In addition to Always Encrypted technology from Microsoft Research, which allows SQL Server to perform operations on encrypted data, the upcoming release of the database also enhances data privacy courtesy of a new Dynamic Data Masking (DDM) feature that can be used to hide sensitive information from prying eyes. Dynamic Data Masking was incorporated into Azure SQL Database in November.
Ronit Reger, senior program manager for Microsoft SQL Data Security, claimed in a Jan. 25 blog post that Dynamic Data Masking not only improves data security and privacy but can also simplify database management.
“Traditionally, the logic of obfuscating sensitive data has been developed in the application layer, requiring it to be duplicated across all modules and applications accessing the data,” wrote Reger. “Alternatively, special views have been created to avoid exposure of these sensitive data pieces on the database itself, although these can impact database operations and are susceptible to errors.”
In SQL Server 2016, Dynamic Data Masking is built in, limiting access to data fields that contain sensitive information. By applying rules to selected columns, database administrators can configure how data in those columns appears when queried. Instructions and examples are available in this SQL Server Blog post.
“There are no physical changes to the data in the database itself; the data remains intact and is fully available to authorized users or applications,” assured Reger. “Database operations remain unaffected, and the masked data has the same data type as the original data, so DDM can often be applied without making any changes to database procedures or application code.”
Options include a default masking type, which fully obfuscates the original value. Other functions include partial, random and email masking, the last of which keeps the email format while exposing only the first character in an address.
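The four masking functions described above, applied as column rules in T-SQL. This is an added example, not code from the article or from Microsoft's blog post; the table, column and user names and the sample row are constructed for illustration.

```sql
-- Constructed schema: dbo.Customer and SupportAnalyst are illustrative names.
CREATE TABLE dbo.Customer (
    CustomerId  INT IDENTITY PRIMARY KEY,
    FullName    NVARCHAR(100) NOT NULL,
    -- default(): full mask chosen according to the column's data type
    NationalId  VARCHAR(20)  MASKED WITH (FUNCTION = 'default()') NOT NULL,
    -- email(): keeps the email format, exposes only the first character
    Email       VARCHAR(100) MASKED WITH (FUNCTION = 'email()') NOT NULL,
    -- partial(prefix, padding, suffix): expose 0 leading and 4 trailing characters
    CardNumber  VARCHAR(19)
        MASKED WITH (FUNCTION = 'partial(0,"XXXX-XXXX-XXXX-",4)') NOT NULL,
    -- random(low, high): numeric columns only, value drawn from the range
    CreditScore INT          MASKED WITH (FUNCTION = 'random(300, 850)') NOT NULL
);

-- Constructed sample row (test values, not real data).
INSERT INTO dbo.Customer (FullName, NationalId, Email, CardNumber, CreditScore)
VALUES (N'Alex Example', '000-00-0000', 'alex@example.com',
        '4111-1111-1111-1111', 712);

-- A principal with SELECT but without UNMASK receives masked values.
CREATE USER SupportAnalyst WITHOUT LOGIN;
GRANT SELECT ON dbo.Customer TO SupportAnalyst;

EXECUTE AS USER = 'SupportAnalyst';
SELECT CustomerId, NationalId, Email, CardNumber, CreditScore
FROM dbo.Customer;
REVERT;

-- A mask can be added to an existing column; the stored data is not changed.
ALTER TABLE dbo.Customer
    ALTER COLUMN FullName ADD MASKED WITH (FUNCTION = 'partial(1,"XXXX",0)');

-- Review: which columns carry a mask, and with which function.
SELECT OBJECT_NAME(object_id) AS table_name, name AS column_name, masking_function
FROM sys.masked_columns;

-- Review: which principals hold UNMASK and therefore see the original values.
SELECT pr.name AS principal_name, pe.state_desc
FROM sys.database_permissions AS pe
JOIN sys.database_principals AS pr
    ON pr.principal_id = pe.grantee_principal_id
WHERE pe.permission_name = 'UNMASK';
```

The two review queries are worth running periodically: a column added later without a mask, or an UNMASK grant wider than intended, silently removes the protection.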
Dynamic Data Masking has little effect on database performance, added Reger in an accompanying FAQ. “Since the data masking is performed only at the end of the database query operation, right before the data is returned, the performance impact is minimal and often negligible. You should still validate the exact performance impact for your workload.”
While Dynamic Data Masking may help keep nosy developers and IT personnel from accessing banking, employee and other types of confidential information, it’s not a cure-all for security risks, cautioned Reger.
“DDM is intended to simplify the obfuscation of sensitive data by centralizing the logic in your database, but it does not provide complete protection against malicious administrators running exhaustive ad-hoc queries,” Reger said. “Dynamic Data Masking is complementary to other SQL Server security features (auditing, encryption, Row-Level Security, etc.) and it is highly recommended to use it in conjunction with them to better protect your sensitive data in the database.”