Hi,
I have done some testing regarding discovery and classification and notice scan did not find the views. I was expecting during the discovery the view is looked from design point of view, but instead of it looks fields from SELECT point of view. To explain in more details
I have a view where one of the column is credit_card_number, but in the view design it is named as dbo.credit_card_number AS xyz and when doing the scan, name based search does not see dbo.credit_card_number and it is missed, because of different naming. Only way to catch this field would be to use content based search, but what if you have information which could not be described with regex? Can this be security risk because discovery scan will never detect there is a view accessing confidential column and audit will never show it, even if you have table and column added on table group, because access is done over sql view. Is there any way to prevent this OOB?
Summary what I have tried to tell: if view is not added to table group because of custom naming, somebody could get confidential information without being aware.
Regards
#DatabaseActivityMonitoring------------------------------
Rok Ponikvar
SYSTEM ENGINEER
Ljubljana
------------------------------