Please Share your Product Ideas with us!

All ideas are welcome. Just because the Idea doesn't make it into the product immediately does not make it a bad idea.

Using Dynamic Data Masking feature from SQL Server 2016 in DSP

SQL Server 2016 introduces a new Dynamic Data Masking feature


It basically adds a Mask property to a field and depending on your SQL access, you can see the actual content or the masked version. Since DSP uses a single SQL user, this feature cannot really be used out of the box (the DSP user should be set up to see the real data), but my proposal is to add a feature in DSP to automatically mask fields based on SQL definition and User security in DSP

1) Check which fields are masked in SQL (sys.masked_columns)

2) Enable a flag on the Role Security or user profile (depending on how deep we want to get with this)

3) If the field is masked in SQL and the user is set up in DSP to "Do Not Unmask Data", then he would see the content for that field always masked wherever is shown in DSP.


I've not thought much about it, and it requires a deeper analysis, but this is just a first idea.

  • Inigo Saez
  • Feb 13 2018
  • Planned
  • Mar 26, 2018

    Admin response

    Thanks for the registration of your idea.  I have moved this into the backlog of the DSP as we have a number of other related tickets that make use of the new functionality available in SQL Server 2016 and 2017, including MDS and Machine Learning.  We will look to prioritise this functionality post 7.0 release of the DSP.

  • Attach files