Azure

Dynamic data masking helps prevent unauthorized access to sensitive data by enabling customers to designate how much of the sensitive data to reveal with minimal impact on the application layer. It’s a policy-based security feature that hides the sensitive data in the result set of a query over designated database fields, while the data in the database is not changed.

When a customer email address or phone number changes, the dimension table updates the customer row with the new values.

It also includes columns that define the date range validity of the version (for example, StartDate and EndDate) and possibly a flag column (for example, IsCurrent) to easily filter by current dimension members.

The table includes a column for the current value of a member plus either the original or previous value of the member.

Azure Table storage is designed to store structured data.

PartitionKey: The PartitionKey property stores string values that identify the partition that an entity belongs to.

Table entities represent the units of data that are stored in a table. Table entities are similar to rows in a typical relational database table. Each entity defines a collection of properties. Each property is defined as a key/value pair by its name, value, and the value's data type.

Timestamp: The Timestamp property provides traceability for an entity.

RowKey: The RowKey property stores string values that uniquely identify entities within each partition. The PartitionKey and the RowKey together form the primary key for the entity.

The DTU-based purchasing model uses a database transaction unit (DTU) to calculate and bundle compute costs. A database transaction unit (DTU) represents a blended measure of CPU, memory, reads, and writes.

A virtual core (vCore) represents a logical CPU and offers you the option to choose between generations of hardware and the physical characteristics of the hardware (for example, the number of cores, the memory, and the storage size).

Always Encrypted allows clients to encrypt sensitive data inside client applications and never reveal the encryption keys to the Database Engine (SQL Database or SQL Server). As a result, Always Encrypted provides a separation between those who own the data and can view it, and those who manage the data but should have no access.

This allows organizations to store their data in Azure, and enable delegation of on-premises database administration to third parties, or to reduce security clearance requirements for their own DBA staff.

Deterministic encryption always generates the same encrypted value for any given plain text value.

Database Permissions

Randomized encryption uses a method that encrypts data in a less predictable manner.

prevents searching, grouping, indexing, and joining on encrypted columns.

allows point lookups, equality joins, grouping and indexing on encrypted columns.

Consider using a hash-distributed table when: The table size on disk is more than 2 GB. The table has frequent insert, update, and delete operations.

Consider using the round-robin distribution for your table in the following scenarios: When getting started as a simple starting point since it is the default If there is no obvious joining key If there is no good candidate column for hash distributing the table If the table does not share a common join key with other tables If the join is less significant than other joins in the query When the table is a temporary staging table

Hash-distributed tables work well for large fact tables in a star schema.

Is not used in WHERE clauses.

Is not a date column.

Is used in JOIN, GROUP BY, DISTINCT, OVER, and HAVING clauses.