Masking Personal Information in MS Azure




After making a grand entrance into the world of cloud computing in the year 2010, MS Azure has been widely accepted as one of the finest IT platforms. There are various aspects of Azure that require specific skills for effective operation and management, which is the reason why a lot of people have started learning Azure. Various enterprises that use MS Azure as their cloud computing solution have started hiring employees that are adept in various disciplines like deployment, operations, and security. One of the most important parts of security is minimizing the exposure of data to the outside world, which comes under the scope of masking.

With the launch of Dynamic Data Masking for Azure SQL Database version V12, the functionality of the masking feature has been considerably enhanced. According to the director of product at United Public Safety, Data Masking has allowed the company to provide additional layers of protection to the sensitive data by limiting access to authorized users. Similarly, there are tons of companies out there taking advantage of this feature.

Advantages of Using Data Masking in Azure

The benefits offered by data masking are listed below:

  • Makes it easier to create a data masking policy by using T_SQL Configuration, Azure Portal, or PowerShell cmdlets
  • No requirement for changing application code or database procedures
  • Supports for AAD authentication
  • AAD users and groups can be granted DDM exclusion permissions
  • Low to no performance impact on database operations

Data Masking and Security

The security of the Azure environment can be enhanced by making use of a higher-level authorization scheme, which is capable of protecting administration features from random access by unknown individuals. By following an Azure developer hackathon guide, it is possible to learn about:

  • Enabling Azure Active Directory Authentication
  • Masking Personal Information

Masking Personal Information in Azure

You can set up a dynamic data masking policy in the Azure portal by choosing the dynamic data masking operation in your SQL Database configuration blade. This policy can be set up by the following individuals:

  • Azure Database admin
  • Server admin
  • Security officer roles

How to Set Up Dynamic Data Masking for Your Database

  • Open the Azure portal.
  • Go to settings.
  • In database security, click on Dynamic Data Masking. This will take you to a new page.
  • On this page, the recommendation engine will have already flagged different database columns for masking. You can either accept these recommendations or customize them by using the ‘discard’ and ‘add mask’ options. You can click save to save your settings.
  • You can select the Column, Table, and Schema when adding a mask to define the designated field for masking.
  • Azure gives you a number of options in sensitive data masking categories to select a Masking Field Format, go ahead and choose one.
  • Click Save in the data masking rule page.
  • At this stage, you need to define SQL users excluded from masking. You can enter their AAD identities and separate the list using a semicolon. You do not have to enter administrator id’s here as they are already excluded.
  • Click Save in the data masking configuration page and you are done.

Learning Microsoft Azure for Best Prospects

The various concepts and processes that govern Microsoft Azure are constantly updated, which makes it hard to stay abreast of the latest developments. However, if you are looking to improve your expertise in this technology, you should consider going through an Azure developer hackathon program. Not only will it improve your knowledge, it will also provide you with a vision to shape up your career in the world of cloud computing.

About The Author
Muzzammil
Product Manager at QuickStart

Muzzammil Hanif

With over 8 years of experience in the IT industry, Muzzammil is a tried and tested expert at product management. He has a special interest in InfoSec related certifications and courses, and has his finger on the pulse of the latest developments in the cyber security industry. When he is not working, he likes to watch movies and spend time with his family.