Row-level security is great for all or nothing decisions, but there are times when users need access to a subset of the data. For example, the last four digits of a credit card or social security number. This can be done at the application level, but that leaves room for error. You only need to forget the mask one time to leak sensitive data.
SQL Server 2016 attempts to address this with a feature called Dynamic Data Masking. When a column is created with a mask, it defaults to returning only the data exposed through the mask. There are three types of masks currently available:
Read more at http://www.infoq.com/news/2015/06/SQL-Server-Masking
No comments:
Post a Comment