Sometimes an app needs to read records but shouldn’t see everything inside them — like SSNs, emails, or phone numbers. Azure SQL can handle that by storing the raw values but applying masking rules automatically, so the database decides what each caller is allowed to see. The example in the post shows a simple table with sensitive fields and built‑in masking turned on.