The Commvault software uses the SQL Dynamic Masking feature to hide sensitive information from non-privileged users by masking table values. With SQL Dynamic Data Masking, sensitive data in query results are masked if the query is run by a non-privileged user. However, data masking does not affect the data itself and the data can be accessed by all Commvault jobs.
Example
User Runs Query To List Tables for Which Dynamic Masking of Sensitive Data Is Enabled
SELECT tbl.name as table_name, c.name AS column_name, c.is_masked, c.masking_function
FROM sys.masked_columns AS c
JOIN sys.tables AS tbl
ON c.object_id = tbl.object_id
WHERE is_masked = 1
order by tbl.name
Results for Privileged User
name |
net_hostname |
csHostName |
displayName |
A_Client |
xyz.abc.commvault.com |
xyz.abc.commvault.com |
Client1 |
B_Client |
abc.def.commvault.com |
xyz.abc.commvault.com |
Client2 |
Another_Client |
rst.uvw.commvault.com |
xyz.abc.commvault.com |
Client3 |
Fourth_Client |
test |
xyz.abc.commvault.com |
Client4 |
Results for Non-Privileged User
name |
net_hostname |
csHostName |
displayName |
xxxxxnt |
xxxxxcom |
xxxxxcom |
Cxxxx1 |
x_xxxxnt |
axxxxcom |
xxxxxcom |
Cxxxx2 |
Anxxxx_Client |
rxxxxcom |
xxxxxcom |
Cxxxx3 |
Fourth_xxxxxx |
txxx |
xxxxxcom |
Cxxxx4 |