Dynamic Data Masking - Orchestrator database




I have an urgent requirement to mask the queue item reference field in the Orchestrator for a regulatory compliance.

I am not okay with implementing a hashing algorithm as it would be an one way hashing and have no chance of getting back the original data unless we decrypt it.

I came across a feature called Dynamic Data Masking in SQL Server 2016 which would mask the data on the fly based on the user role mapping and it’s in-line with UiPath’s recommendation as well to grant (db_datareader, db_datawriter and db_ddladmin) where db_owner permission is not feasible to be granted. (Granting db_owner permission will provide unmasked data).

I have verified the results using a windows application + a sample database in SQL Server 2017 and the solution works great. Since I don’t have an environment with UIPath 2018 Orchestrator and SQL Server 2016/17, I need to get concurrence from UiPath that this change would be feasible in Orchestrator database and does not have an adverse impact.

Test details:

I have followed the instructions as in the below forum to mask the description field in the sample database.

Test Screenshot:

Image showing masked data for user DDmUser1

Please let me know if further details are required.