patternsqlModerate
SQL Server: can dynamic data masking be safe when providing a database backup?
Viewed 0 times
maskingcansqlprovidingdatabasesafedynamicserverdatawhen
Problem
I have a SQL Server 2016 SP1 with data that I am ready to share with a partner (developer), except for a few columns, example:
I give the partner the credentials for logging in to the test copy of the database as a certain user, without unmask permission. I understand this is reasonably safe.
Now, we are considering sharing the database backup with our partners, so they can reload in their own server and environment.
I would probably need to have contained users, so that partner cannot create new users or connect them to existing logins (not sure about this).
Is there a way that I can share a database backup, and still trust that the masked columns are safe, or do I have to physically delete the data?
email varchar(64) MASKED WITH (FUNCTION = 'email()') NULLI give the partner the credentials for logging in to the test copy of the database as a certain user, without unmask permission. I understand this is reasonably safe.
Now, we are considering sharing the database backup with our partners, so they can reload in their own server and environment.
I would probably need to have contained users, so that partner cannot create new users or connect them to existing logins (not sure about this).
CREATE USER user_name WITH PASSWORD = 'strong_password';Is there a way that I can share a database backup, and still trust that the masked columns are safe, or do I have to physically delete the data?
Solution
No, I'm sorry. Your partner has a sysadmin login for their SQL Server, and a sysadmin can do everything with everything inside a SQL Server instance - including the databases.
I suggest that you develop a routine to clear out the sensitive data. I.e., perform the backup. Restore it to a different database name, clean it. And now produce a new backup.
I suggest that you develop a routine to clear out the sensitive data. I.e., perform the backup. Restore it to a different database name, clean it. And now produce a new backup.
Context
StackExchange Database Administrators Q#215172, answer score: 13
Revisions (0)
No revisions yet.