SQL Server Data Protection – Where to Start?

Hello Friends,

In last few months we heard a lot about GDPR or General Data Protection Regulation. We have seen so many discussions on this topic. Organizations which come under this law already implemented various features and using various tools to meet such requirements. Those who still don’t know about this Regulation, Here is the small description from Wikipedia:

“The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.”

If you want to know more about this then you can click here.

I have seen various Data Professionals like DBA, Developers, and Data Security Specialist who says – our organizations don’t have business in EU and EEA, so this rule doesn’t apply to us. If you are also thinking the same then please read this blog post by Kendra Little.

I’ll not be surprised, if In future we will have these kinds of rules and regulations everywhere in the world. As a Data Professional, we should always be ready to protect our customer data using various tools and features. For SQL Server, there are lots of features and tools provided by Microsoft, we can use them to protect data under this four steps process by Microsoft (including tools and features name):


Data Protection

  1. Data Discovery
  • Data Classification feature in in SQL Server Management Studio
  • Vulnerability Assessment Tool in SQL Server Management Studio

2. Data Management

  • Azure Active Directory and Azure SQL firewall
  • Windows Authentication
  • Dynamic Data Masking
  • Row Level Security

3. Data Protection

  • Always Encrypted
  • Transparent Data Encryption
  • SQL Server or Database Auditing
  • Threat Detection

4. Data Reporting

  • SQL Server or Database Auditing
  • Vulnerability Assessment

Note: This blog doesn’t explain any Law. Only purpose of this blog is to provide features and tools name those can be used to protect data.

Reference: Click Here


Prince Kumar Rastogi

Follow Prince Rastogi on Twitter | Follow Prince Rastogi on FaceBook


About Prince Rastogi

Prince Rastogi is working as Database Administrator at Elephant Insurance, Richmond. He is having more than 8 years of experience and worked in ERP Domain, Wealth Management Domain. Currently he is working in Insurance domain. In the starting of his career he was working on SQL Server, Internet Information Server and Visual Source Safe. He is post graduate in Computer Science. Prince is ITIL certified professional. Prince likes to explore technical things for Database World and Writing Blogs. He is Technical Editor and Blogger at SQLServerGeeks.com. He is a regular speaker at DataPlatformDay events in Delhi NCR. He has also presented some in depth sessions about SQL Server in SQL Server Conferences in Bangalore.

View all posts by Prince Rastogi →

Leave a Reply

Your email address will not be published.