Microsoft enables SQL Server Information Protection Scheme
The Microsoft Information Protection (MIP) service now works with SQL Server data and can be applied using SQL Server Management Studio (SSMS), according to a Microsoft announcement on Monday.
Organizations can use Microsoft Information Protection (MIP) service sensitivity labels to classify SQL Server data. These labels, which signal the sensitivity of the data, can then be applied using the SSMS tool.
This feature in SSMS may be in preview stage or it may be released. Microsoft did not describe the release status. However, it says it’s “supported for SQL Server 2012 and later” and works with “SSMS 17.5 or later,” according to this Microsoft document.
Organizations that have created “standard” sensitivity labels for use with Microsoft 365 services can automatically apply them to SQL Server data, the announcement suggests:
If you have created standard sensitivity labels in Microsoft 365 and want the same labels to be passed to SQL Server and other downstream applications like PowerBI, then you have good news! This new native SQL classification feature allows you to authenticate with M365 and automatically retrieve sensitivity labels which can then be applied to critical columns.
Organizations first create MIP sensitivity labels using the Microsoft 365 Compliance Center service. They then use SSMS to apply these labels to columns of data in SQL Server, the document explains. With this schema, a “classification engine” will analyze the SQL Server data columns and send a report if there are any recommended classifications to adopt.
This data classification approach first arrives on the server side. It’s just “currently available for on-premises SQL Server only,” the announcement explained. “You may see the same functionality in the Azure portal in the coming months,” he added.
Microsoft also plans to extend SQL Server data classification to its other tools, including integration with Azure Purview, Microsoft’s data governance service. The idea is to apply Azure Purview’s data analysis rules to classify all sensitive data stored using the SQL Server database management system. When enabled, organizations will be able to create reports for compliance and auditing purposes.
Microsoft generally refers to this process as “SQL data discovery and classification”. It is said to go beyond simple database protection.
“Data Discovery & Classification forms a new information protection paradigm for SQL Database, SQL Managed Instance, and Azure Synapse, aimed at protecting data, not just the database,” the document states.
Kurt Mackie is senior news producer for 1105 Media’s Converge360 group.