Pages

Sunday, November 27, 2016

Why Do People Think Dynamic Data Masking is a Good Idea? - SQL SERVER 2016 #5

Data security is always one of the important points which can not be ignored. Nowadays if you are working for any specific domain like Banking or Healthcare then there are a lot of compliance rules which you have to follow.
Data Masking is one of the best ways to help you to secure your sensitive data by a dynamic mask encryption.
This is one of the best features of SQL SERVER 2016 which I personally like most.
With the help of Dynamic Data Masking, you are just applying a mask to your sensitive data.  for example, if your system is storing SSN data then it should be visible to privileged or we can say authorized user only.
Dynamic Data Masking has following features:-
1) It masked the Sensitive data.
2) There will be no impact on functions & Stored Procedures and other SQL statement after applying this.
3) Applying the Data Masking is super easy.
4) You can allow any database user/role to see unmasked data by just simple Grant & Revoke Statement .
5) Data is not physically changed.
6) It is just on the fly obfuscation of data query result .
7) It is just  a T-SQL command with basic syntax.
Now , let us understand how to implement it.
Data masking implementation is very easy and below is the syntax for it.



Here, if you see the syntax is very simple the only new thing is MASKED and with (function=function name) only.
The function is nothing but the way to mask the data. SQL SERVER 2016 has following  different functions to mask the data
1) Default() function:- This is basic masking with the help of this function you can easily mask any field.
for example, your first name or last name field can be masked like XXXX etc.
2) Email() function :- If your column is email type or you we can say if you store Email in your column then you should use the Email() function for masking.
for example, your email can be mask like  RXXXX@XXXX.com
3) Partial () function:- With the help of this function you can mask specific data length and exclude some part of data from masking logic. for example, 123-4567-789 is your phone number then with partial masking feature you can mask like 12X-XXXX-7XX.
4) Random() function – By the name it is clear that you can mask the data with any random number range we will see more below in the hands on.
Remove Masking :- This is also possible that you applied a masking to a column and later on you don’t want that masking. So , don’t worry it very easy to remove masking from a column. below is the syntax for same.


Now, let’s understand this by an example.
In the example we are using a new database “SecureDataMask” in this database we are creating a tblSecureEmployee as shown in below figure.


Now, in this table, we are inserting couple of data for testing as shown below


Now we are applying different masking on this table’s column
1) Default Masking : In the table, we are applying default masking on LastName


2) Email Masking :- In the table, we are going to apply Email masking to email column below is the syntax for it.


3) Partial Masking:- For SSN we are going to apply custom masking. below is the syntax for same. Here as we aware that SSN is 11 characters long in our database. we applied the partial masking to show first two & last two characters in original value and rest other in the mask.


4) Random Number Masking :-  In our table, we are going to apply Random number masking to Securepin column as shown below.


Here, so far we are done with all the masking now.  let me run the select statement to test it.


If you see the data is still in the original state because I logged in using  privilege account “SA”. now, to test the masking let me create a new user account.


After creating the account we are trying to log-in with a new account as shown in below screen.



After our successful log in, we will run the select statement on same database’s table as we did earlier. If you see below snap you will find that we got masked data for LastName, Email, SSN, and securePin.



Now, it might be a rare case but suppose you want to remove the mask from any column on which you applied masking then don’t worry it is super easy.
Suppose, from the same table we don’t want mask on the LastName then below is the syntax for same.

Now, let me run the same select statement seeMask_user. You will find the Last Name is unmasked now.


From above few changes you can secure your data via Dynamic masking and as mentioned above there will be no impact on your existing function ,stored procedure because data is not physically changed.
I hope you may like this feature.   Please, share your input for same.
Enjoy !!
RJ

Saturday, October 22, 2016

How DATEDIFF_BIG a new feature of SQL SERVER 2016 Can Keep You Out of Trouble

In the series of SQL SERVER 2016, this is a new post. in this post, we will discuss DATEDIFF_BIG and how it is helpful.
So, before jumping into directly in technical details, we all know that time is very important and every second valuable and countable but sometimes every microsecond & nanosecond is also countable Smile . For such operations in which every microsecond & nanosecond is countable, we can use DATEDIFF_BIG function.
As you aware the BIGINT range is from -9,223,372,036,854,775,808 to 9,223,372,036,854,775,807.  Here if any difference (Micro & Nano) second is out of the the mentioned range then DATEDIFF returns that value else return error(Obviously).
Below is the basic syntax if DATEDIFF_BIG although it is similar to DATEDIFF. We can say it is a extended version of DATEDIFF.
DATEDIFF_BIG( datePart, start Date, End date)
The value of datePart is same like DATEDIFF function.
For example if you want to collect millisecond difference then use ms, microsecond then mcs and for nanosecond ns.
As per the MSDN   for the Millisecond, the maximum difference between start date & end date is 24 days, 20 hours, 21 minutes and 23,647 seconds. For Second, the maximum difference is  68 years.  
Now, let see why this DATEDIFF_BIG introduced so, I am running a DATEDIFF  function in SQL SERVER 2012 and see what we get after running that query.

DATEDIFF_BIG in SQL SERVER 2016




You can see in above query we got an error of overflow.
Now, we are calculating the same difference from DATEDIFF_BIG in SQL SERVER 2016. See, below snap for same.

DATEDIFF_BIG in SQL SERVER 2016 by Indiandotnet




Isn’t it great ? Although, I am scarred with those applications who calculate milliseconds Sad smile.
Anyways, it is good to know feature.
Do provide your feedback for the post it is very valuable for us.
RJ !!!

If You Read One Article About Split String in SQL SERVER 2016s Read this One #3

In the Series of SQL SERVER 2016, this is another post. Before Jumping in detail just think if you have a comma or other separator string and if you have to split it by separator field then for such task  in previous SQL SERVER versions either you will write a function which split the string and return desire values in a column  or
you will use XML function or  might be different custom functions.
Let me explain this with below example. Suppose you have a string like below
DECLARE @FriendList AS VARCHAR(1000)
SET @FriendList ='Ravi,Suyash,Vaibhav,Shyam,Pankaj,Rajul,Javed'

Now you want output like below
String split in SQL SERVER 2016


Then in such cases, you will  follow 2 approaches (their might be other as well)

Approach 1:- Write  a function like below  and use it.
Different ways of spliting a comma seperated string in SQL


And once this function is created you can use like below
custom string split function


Approach 2 :- You can use XML option in SQL SERVER as  shown in below

split string using XML in SQL SERVER

So, the good news is now in SQL SERVER 2016 you don’t need to write  so many lines to split any string. In SQL SERVER 2016 a new string function is Introduced which is
STRING_SPLIT
The use of this function is very easy and below is the syntax
STRING_SPLIT (string, separator)
Now, let me show you same output using STRING_SPLIT function
string_split function in SQL SERVER 2016


Isn’t it easy ?
I hope you will like this easy way to split the string.
Provide your feedback.
RJ !!!

Sunday, October 16, 2016

Do you know Compress & Decompress function in SQL SERVER 2016 ?

This is another article in the series of SQL SERVER 2016 Journey . I am pretty much sure you might aware of Gzip Compression algorithm. If not then try  this link.

So, SQL SERVER 2016 introduce this two awesome functions for Compress & Decompress the data.
Before SQL SERVER 2016 version we have data compression feature like Page & Row compression (check Previous post for it Link )which is different then this column value compression.

In SQL SERVER 2016 Compress function,  data compression is done via GZIP algorithm and return VARBINARY(MAX).

Below is the simple syntax of Compress function

Compress (Expression)

Here Expression can be nvarchar(n), nvarchar(max), varchar(n), varchar(max), varbinary(n), varbinary(max), char(n), nchar(n), or binary(n)

Decompress function is just opposite of  compress function. It is used to decompress the value of VARBINARY which is converted using Compress function. The only tweak is you need to cast the output of Decompress function  in specific data type to make it readable (if using varchar ,nvarchar compression) .

below is the simple syntax of Decompress
Decompress (Compressed string)


Let’s understand this via an example as shown below .

Compress function

In this example I have taken 3 tables with exact same schema & data

  1. 1) IndiandotnetFriends
  2. 2) IndiandotnetFriends_Compress
  3. 3) IndiandotneFriends_Decompress

You can see  snap in which we are inserting same data.
As the name suggested in first table normal data from Adventureworks’s person table.
In second table we are inserting compressed value of first Name  and in 3rd table we are inserting decompress value of First Name from the Compressed table.
Now, let’s check compress  & decompress table data
Decompress function


Now, Your might thinking that the output of both compress and decompress is not readable.
So you are right to make data readable of Decompress table we need to type cast.
See below snap for same.

Decompress type casting


Till now we know how to use this Compress & Decompress function. Now, let me share the benefit of using Compress. if you see below snap you will find that data length of compress is comparatively less than normal and decompressed data length .

Datalength in compress data


Obviously, compression helps you somewhere in the overall performance of your application.
The good point is  you can pass the compress data to your .net application and decompress using GzipStream as well.

The only thing which we need to take care is type casting. Suppose your base column which compressed is VARCHAR then you need to typecast again in VARCHAR.

Now, next question is where we can use this functions. So,  we can use in compressing large object like binary data in which we save jpg, pdf , word document etc..

I hope you will be excited in using this function.

Please, share your input.
RJ!

Saturday, October 15, 2016

Here Come New Ideas for DROP IF EXISTS in SQL SERVER

In the Series of SQL SERVER 2016 journey, this is our new article. In this article, we are sharing a new cool feature which introduced in SQL SERVER 2016 which is DROP IF EXISTS (DIE) .
In our development many times it happens that we need to drop a table and as a best practice we write the following syntax as shown in below figure

Now, in SQL SERVER 2016 the same task is super easy. You can write the following syntax to drop the table object

DROP TABLE IF EXISTS TABLENAME
The best part is if suppose the object does not exist then  here will be no error execution will continue.
Let me share one more example of Dropping a stored procedure.

Similar, way we can write for following data objects and with the following syntax

Procedure:- DROP PROCEDURE IF EXISTS Procedure Name

Assembly:-
DROP ASSEMBLY IF EXISTS Assembly Name

ROLENAME :-
DROP ROLE IF EXISTS ROLENAME

TRIGGER :-
DROP TRIGGER IF EXISTS Trigger Name

VIEW:-
DROP VIEW IF EXISTS View Name

RULE:-
DROP RULE IF EXISTS RULENAME\

Type:-
DROP TYPE IF EXISTS Type Name

Database:- DROP DATABASE IF EXISTS Database Name

Schema:-
DROP SCHEMA IF EXISTS Schema Name

User:-
DROP USER IF EXISTS Username

SECURITY POLICY:-
DROP SECURITY POLICY IF EXISTS Policy Name

View :-
DROP VIEW IF EXISTS View Name

FUNCTION:-
DROP FUNCTION IF EXISTS Function Name

SEQUENCE:-
DROP SEQUENCE IF EXISTS Sequence Name



Synonym:-
DROP SYNONYM IF EXISTS Synonym Name

I like this feature I am sure you will also like this.

Please, do share your feedback for blog post.
Enjoy !!

Tuesday, October 11, 2016

9 Amazing features of SQL SERVER 2016


Although, I know I am bit late to share this thing on our blog but it says in Indian proverb “Der aai durust aai” means it’s OK you came late but you came that is more important.
Anyways, so you all might aware that Microsoft launched SQL SERVER 2016 officially in June 2016.
You can download the SQL Server 2016 via Link.
Obviously, this is a new revolution in SQL SERVER series. You will find many great features in this version.
This post is beginning to explore all those great features and we will do deep dive in all those features. In this, post we briefly introducing those features. so, without wasting time let me share a brief introduction.
 
1) JSON in SQL SERVER :-
Is this surprising to you ? Obviously, yes. As you might aware that most of the NO SQL database use either JSON or XML. As XML feature already exists in SQL SERVER so this was time for JSON. You can play with JSON in SQL SERVER 2016.
 
2)Always Encrypted :-
If you talk about security this one the best feature. Now, you are thinking what it means. So, It means that the data in the SQL SERVER reside always in encrypted format and SQL server can perform the operation on the encrypted data without decrypting it. The encryption key can be exist in some other system. With this, feature you can secure you ensure that your data is secure from the person like DBA / Developer as well. These guys also can’t see the actual data. Isn’t it neat ?
 
3) Row Level Security :-
This is another interesting feature which helpful especially to the developers  who needs to write extra code to check this. Let me explain this with an example suppose you have a sales team who do market research and you want to restrict that each sales manager can see only those data which entered by him only in such cases you don’t need to write specific condition in your code. It can be achieved by Row Level Security.
 
4) “R” in SQL SERVER :-
For the data scientist, it is a great NEWS. As Resolution Analytics is purchased by Microsoft and It is incorporated in SQL SERVER. You can run R analysis query in SQL Server.
 
5) Temporal Table:-
The Temporal table holds the old version of ROWS of a table. It means that it maintain a copy of the old rows in the table whenever there is an update on the main table.
 
6) PolyBase :-
With the help of this feature, you can access data which exist in Azure Blob or Hadoop cluster using the same SQL server. In the nutshell, we can say this is the technology which combines both relational & non-relational database in a single umbrella which is SQL SERVER. You can run the query directly on external data like Hadoop or Azure blob storage.
 
7) Stretch Database:-
I am pretty much sure by the name you can guess this feature. So, with the Stretch database you have can store your part of the data in the cloud which depends upon your need. You can say most recent transactional data you can store in your local environment and other old data you can store in Azure.
 
8)Query store :-
Another interesting feature to help you in identifying  performance drag using Query store. When you enable this feature it automatically captures a history of queries , plans,  and statics and retain them for review and resolve the performance issues.
 
9) Mobile report:-
As mentioned earlier this is the revolution in SQL SERVER 2016. In SSRS there are many important changes introduced. Now we can import Power BI report in SSRS and apart from this you can create a mobile report which you can run on Mobile.
 
Now, we started officially SQL SERVER 2016 tutorial series.
 
Moving forward we are going to discuss all these features in details and also the couple of new things which introduced in SQL SERVER 2016.
 
enjoy.
Happy VijayDashmi.

Tuesday, March 29, 2016

MS Build 2016 Live Streaming

Watch Live streaming of MS BUILD 2016