In a scenario where you are tasked with implementing data masking for a dataset that contains sensitive customer information, such as credit card numbers, within a Microsoft Azure environment. The solution must comply with GDPR regulations, ensure that the data remains usable for analytics by authorized users, and minimize operational costs. Considering these constraints, which of the following approaches would be the most effective to protect the sensitive data while still allowing for analytics? Choose one option.

Simulated

Implement static data masking by creating a copy of the dataset where sensitive data is permanently altered, and provide access to this masked dataset for all users, regardless of their permissions.

3.2%

Utilize dynamic data masking in Azure SQL Database to conditionally mask sensitive data based on the user's role and permissions, ensuring that unauthorized users cannot view the sensitive information while authorized users can access the original data for analytics.

90.3%

Exclude the sensitive columns from all views and datasets entirely, providing access only to non-sensitive data for all users, which simplifies compliance but may limit analytics capabilities.

5.4%

Apply column-level encryption to the sensitive data and manage decryption keys separately, requiring users to request decryption for each access, which ensures high security but may introduce latency and complexity for analytics.

1.1%

Databricks Certified Data Engineer - Professional

Get started today

Comments