Implement Dynamic Data Masking
In this we will learn how to implement dynamic data masking with the Azure portal. You can also implement dynamic data masking using Azure SQL Database cmdlets or the REST API.
Set up dynamic data masking for your database using the Azure portal
- Firstly, launch the Azure portal at https://portal.azure.com.
- Secondly, navigate to the settings page of the database that includes the sensitive data you want to mask.
- Thirdly, click the Dynamic Data Masking blade under the Security section of your database.
- After that, in the Dynamic Data Masking configuration page, you may see some database columns that the recommendations engine has flagged for masking. In order to accept the recommendations, just click Add Mask for one or more columns and a mask is created based on the default type for this column. However, you can change the masking function by clicking on the masking rule and editing the masking field format to a different format of your choice.
- Next, to add a mask for any column in your database, at the top of the Dynamic Data Masking configuration page, click Add Mask to open the Add Masking Rule configuration page.
- Then, select the Schema, Table and Column to define the designated field for masking.
- After that, select how to mask from the list of sensitive data masking categories.
- Click Add in the data masking rule page. However, this is to update the set of masking rules in the dynamic data masking policy.
- Then, type the SQL users or Azure Active Directory (Azure AD) identities that should be excluded from masking. And this have access to the unmasked sensitive data.
- Lastly, click Save in the data masking configuration page to save the new or updated masking policy.
Reference: Microsoft Documentation