how to handle sensitive data in ADLS with masking and encryption features

Naga 66 Reputation points
2021-10-26T20:23:38.943+00:00

Hi team,

how to handle sensitive data in ADLS with masking and encryption features.

Please provide leads.

Regards,
NagaSri

Azure Data Lake Storage
Azure Data Lake Storage
An Azure service that provides an enterprise-wide hyper-scale repository for big data analytic workloads and is integrated with Azure Blob Storage.
1,335 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. PRADEEPCHEEKATLA-MSFT 76,586 Reputation points Microsoft Employee
    2021-10-27T09:12:55.98+00:00

    Hello @Naga ,

    Thanks for the question and using MS Q&A platform.

    Azure Data Lake Gen2 has limited data security (no row-level, column-level, dynamic data masking, etc) and the difficulty in accessing it compared to accessing a relational database.

    Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics supports Row-Level Security, Column-level security and dynamic data masking.

    Azure Data Lake Storage Gen2 implements an access control model that supports both Azure role-based access control (Azure RBAC) and POSIX-like access control lists (ACLs).

    This article describes access control lists in Data Lake Storage Gen2. To learn about how to incorporate Azure RBAC together with ACLs, and how system evaluates them to make authorization decisions, see Access control model in Azure Data Lake Storage Gen2.

    For more details refer the below articles:

    ADLS Gen 2 supports both encryption-in-transit and encryption-at-rest.

    For more details, refer to Azure Storage encryption for data at rest.

    Alternative options: Masking Sensitive Data in Azure Data Lake

    Hope this will help. Please let us know if any further queries.

    ------------------------------

    • Please don't forget to click on 130616-image.png or upvote 130671-image.png button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how
    • Want a reminder to come back and check responses? Here is how to subscribe to a notification
    • If you are interested in joining the VM program and help shape the future of Q&A: Here is how you can be part of Q&A Volunteer Moderators
    0 comments
  2. Naga 66 Reputation points
    2021-10-28T18:20:27.193+00:00

    Thanks Pradeep.

    Also, could you please provide some leads on how to decrypt data and use in power bi for analytics from ADLs.

    Example - By using CRC32() function, have masked DOB column and saved the file in ADLs. Now want to use the same file for Analytics.

    Thanks in advance!!

    Regards,
    NagaSri