September 1, 2020 at 12:00 am
Comments posted to this topic are about the item Bypassing Dynamic Data Masking
September 1, 2020 at 6:52 am
have used dynamic masking for sensitive data, which actually works rather well.
only wish the permissions could be applied per DB object and not only on the entire db.
____________________________________________
Space, the final frontier? not any more...
All limits henceforth are self-imposed.
“libera tute vulgaris ex”
October 27, 2020 at 6:33 am
I have never been all that keen to use SQL masking because it is too easy work around by design. The fact that you can use a masked column in joins and WHERE conditions means that someone who wants to, can potentially work out what a column contains. (e.g. if you mask the salary column, you can still work out the salary for the general manager by SELECT * FROM Payroll WHERE Name = 'your gm' and salary > n... and keep repeating until you find what you are after)
Some of my use cases have been more finely grained requirements than just masking a column for all rows of a table. DDM works pretty well for the simple case, certainly, but as things get more complex, it is too limiting.
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply
This website stores cookies on your computer.
These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.
To find out more about the cookies we use, see our Privacy Policy