SQL Server Data Classification Features Note from the Data Whisperer
By Tom Nonmacher
SQL Server 2019, MySQL 8.0, DB2 11.5, Azure SQL, and Azure Synapse all have robust data classification features that are instrumental in data protection. Data classification in SQL Server 2019 is a tool that allows organizations to categorize and label their data, enabling them to manage it more effectively and comply with legal obligations such as the GDPR.
In SQL Server 2019, the data classification feature is available via SQL Server Management Studio (SSMS). It can be accessed by right-clicking on a database, selecting Tasks, and then clicking on Classify Data. This opens up a wizard that guides users through the process of defining and applying classification rules.
-- SQL Server 2019 example to classify data
USE [DatabaseName]
GO
-- Create a new schema
CREATE SCHEMA [Classification]
GO
-- Create a new table
CREATE TABLE [Classification].[CustomerData](
[ID] [int] IDENTITY(1,1) NOT NULL,
[Name] [nvarchar](50) NOT NULL,
[Email] [nvarchar](50) NOT NULL,
[CreditCard] [nvarchar](16) NOT NULL,
[SSN] [nvarchar](9) NOT NULL,
)
GO
-- Add data classification metadata
ADD SENSITIVITY CLASSIFICATION TO
[Classification].[CustomerData].Name WITH (LABEL='Confidential', INFORMATION_TYPE='Personal')
GO
ADD SENSITIVITY CLASSIFICATION TO
[Classification].[CustomerData].Email WITH (LABEL='Confidential', INFORMATION_TYPE='Contact Info')
GO
ADD SENSITIVITY CLASSIFICATION TO
[Classification].[CustomerData].CreditCard WITH (LABEL='Highly Confidential', INFORMATION_TYPE='Financial')
GO
ADD SENSITIVITY CLASSIFICATION TO
[Classification].[CustomerData].SSN WITH (LABEL='Highly Confidential', INFORMATION_TYPE='National ID')
GO
MySQL 8.0 does not have an in-built data classification feature. However, it can be achieved by using a combination of column comments and custom scripts. You can add comments to columns during table creation or modification. These comments can act as classification labels.
-- MySQL 8.0 example to classify data
CREATE TABLE CustomerData (
ID INT AUTO_INCREMENT PRIMARY KEY,
Name VARCHAR(50) NOT NULL COMMENT 'PII: Personal',
Email VARCHAR(50) NOT NULL COMMENT 'PII: Contact Info',
CreditCard VARCHAR(16) NOT NULL COMMENT 'PII: Financial',
SSN VARCHAR(9) NOT NULL COMMENT 'PII: National ID'
);
DB2 11.5 introduced a data classification feature in its Data Server Manager. This tool provides a user-friendly interface for creating and managing classifications. It also has an automatic classification feature which can be used as a starting point for the classification process.
Azure SQL, on the other hand, has a built-in data discovery and classification feature which provides a set of advanced services and capabilities to help manage and protect your data. It can be found in the Azure Portal, under the Security tab for your database.
Azure Synapse Analytics, previously SQL Data Warehouse, provides the ability to classify data through its Security Center. It provides recommendations for sensitivity labels based on the data stored in your database. These classifications can be applied at the column level.
In conclusion, data classification is a crucial aspect of data protection and compliance. SQL Server 2019, DB2 11.5, Azure SQL, and Azure Synapse all provide robust features to help you classify your data. While MySQL 8.0 does not have an in-built feature, it can still be achieved using column comments and custom scripts.