10 September 2018

1 Comment

10 September 2018

1 Comment

Highlighting Personally Identifiable Information (PII) across SQL Server instances and databases

With the recent regulatory pressures such as GDPR, being able to know what type of data we are holding onto within our business became a bigger challenge. At Redgate, we have been exploring ways to make this easier for our heavy SQL Server users and eliminate the problems around this area by making it easy to efficiently highlight where you are holding Personally Identifiable Information (PII) among your SQL Server estate.

We have been iterating on this area with a set of users we have been working very closely with as part our Data Catalog Early Access Program (EAP) and the main pain we have identified is around the time taken to complete the initial classification job to highlight what type of data we have within our business, which is mainly what I want to talk about in this post.

SQL Data Privacy Suite EAP solution

SQL Data Privacy Suite is Redgate’s solution to address the pains around efficient classification of your columns across your SQL Server estate and allows you to take advantage of this work within other capabilities such as provisioning.

From the very beginning, the latest SQL Data Privacy Suite (SDPS as short) EAP release gives you a high level overview across your SQL Server estate. For instance, you are immediately represented with the summary of sensitivity label distribution with an instance.

Once we drill down into one of the SQL Server instances, we can also see that we are presented with the sensitivity label distribution per database. You can also notice that the solution offers auto discovery of classification suggestions to make it easy to get started with classifying the columns and decrease the time taken to complete the classification job. 

By default, we save the classification information into the schema of your database through the column level extended properties. However, we have heard from our customers that it is not always a possibility in certain cases to update the database schema. We took this feedback and introduced a way to configure the storage place of the classification information so that you can store them outside your database schema without being worried about overriding the information by mistake. 

Exposing the capabilities as REST APIs

Capabilities inside SQL Data Privacy Suite expose their aspects through a set of REST APIs which can be used to automate certain tasks or create different workflows. Provided Web interface within SDPS also makes use of these REST APIs. Therefore, you will be able to do anything that you can accomplish inside the Web interface through these HTTP endpoints.

On top of that, REST API documentation is released alongside with the SDPS and can be accessed through its Web interface which makes it easy to get started using the REST API:

You can find more about this inside the SQL Data Privacy Suite online documentation. 

Get in touch with us!

In this exciting journey, we’d like to work closely with you to understand how you’re discovering and classifying data across your SQL Server estate and maintaining this information. This would give you a unique opportunity to work with developers and designers within my team, provide feedback on new software releases, and influence our roadmap.

With your help, we aim to solve the challenge of maintaining up-to-date classifications of sensitive data (including PII) stored in SQL Server for reporting and compliance purposes.

If you are interested, please show your interest by joining the Data Catalog early access program!

Share this post.

Share on FacebookShare on Google+Share on LinkedInTweet about this on Twitter

Related posts

Also in DevOps

The 4 capabilities you need to introduce true database DevOps

The latest Accelerate State of DevOps Report from DORA concludes that successful software delivery unlocks competitive advantages, including “increased profitability, productivity, market share, cus...

Also in Audit & Compliance

Data Masker vNext: Have your say on the future of data masking

Back in 2017 Redgate acquired Net2000, a leading provider of data masking solutions for SQL Server databases. Since then, we’ve invested heavily in the data masking tools to ensure our customers can...

Also in Blog

Don’t just think database DevOps. Think compliant database DevOps.

The 2018 Accelerate State of DevOps Report from DORA specifically calls out database development as a key technical practice which can drive high performance in DevOps. It’s an interesting shift in ...

Also about data catalog

Welcome to the new world of curating data, not owning it

Faced with the new challenges of data protection – and increased levels of oversight – many of us working with SQL Server have come to the same conclusion. Quite simply, the column names and free ...

Also about Compliant database DevOps

Pseudonymizing a Database with Realistic Data for Development Work

For this demonstration, we will take AdventureWorks and produce a pseudonymized copy for development work. The aim is to surgically alter just the data that can identify individuals but leave everythi...

  • Jonlee Lockwood

    Can we assume that masker will integrate?