Hi,
I have an urgent requirement to mask the queue item reference field in the Orchestrator for a regulatory compliance.
I am not okay with implementing a hashing algorithm as it would be an one way hashing and have no chance of getting back the original data unless we decrypt it.
I came across a feature called Dynamic Data Masking in SQL Server 2016 which would mask the data on the fly based on the user role mapping and it’s in-line with UiPath’s recommendation as well to grant (db_datareader, db_datawriter and db_ddladmin) where db_owner permission is not feasible to be granted. (Granting db_owner permission will provide unmasked data).
I have verified the results using a windows application + a sample database in SQL Server 2017 and the solution works great. Since I don’t have an environment with UIPath 2018 Orchestrator and SQL Server 2016/17, I need to get concurrence from UiPath that this change would be feasible in Orchestrator database and does not have an adverse impact.
Test details:
I have followed the instructions as in the below forum to mask the description field in the sample database.
https://www.sqlshack.com/using-dynamic-data-masking-in-sql-server-2016-to-protect-sensitive-data/
Test Screenshot:
Image showing masked data for user DDmUser1
Please let me know if further details are required.
Thanks,
Arun