Netherlands: Software

Introductie van Micorosoft SQL Server 2016

Issue link: http://hub-nl.insight.com/i/692679

Contents of this Issue

Navigation

Page 181 of 212

169 C H A P T E R 8 | Improved Azure SQL Database Securing data at the row level For managing multitenant databases, a common security requirement is to restrict users from accessing all rows in a table. In previous versions of SQL Database, this Row-Level Security (RLS) feature was available only by implementing extensive custom coding or application logic. In the current version of SQL Database, the restricting logic is in the database tier to protect access to specific rows regardless of the requesting tier. The filtering mechanism for RLS in SQL Database relies on a security predicate filter that is defined as an inline table function. You then create a security policy to enforce this function, just as we describe for RLS in on-premises SQL Server in Chapter 2, "Better security." Dynamic data masking Although CLE is a good option for obscuring PII and other sensitive data, you might need to allow some users to see a portion of the data, such as the last four digits of a customer's Social Security number for identification confirmation. Dynamic data masking is a feature in both on-premises SQL Server and SQL Database that we introduce in Chapter 2. Using dynamic data masking, you can keep data secure while enabling the visibility of a portion of the data. You can configure dynamic data masking in SQL Database by using T-SQL or by using the Azure Management Portal. In the portal, navigate to your SQL Database, click All Settings, and then, in the Settings blade, select Dynamic Data Masking. In the Dynamic Data Masking blade, shown in Figure 8- 7, a list of masking rules is displayed in addition to a list of columns for which data masking is recommended. You can enable data masking on those columns by clicking the Add Mask button to the right of the column name, or create a new mask by clicking the Add Mask button at the top of the blade. Figure 8-6: Configuring dynamic data masking for a SQL Database in the Azure Management Portal. After specifying the mask function to apply to selected columns, click the Save button at the top of the blade to save the configuration changes to your SQL Database. After saving these changes, users

Articles in this issue

Archives of this issue

view archives of Netherlands: Software - Introductie van Micorosoft SQL Server 2016