As a remote data infrastructure services provider, documenting the activities we perform, as well as our customers’ environments, is critical to our success. RDX currently supports thousands (and thousands) of database ecosystems ranging in complexity from simple to “making your hair stand on end.”
My customers hold my organization to extremely high standards. Rightfully so, they have turned over the keys to their most sensitive and mission-critical data stores to RDX. At the end of every email blast I send to our customer base, I end it with, “I personally appreciate you placing your trust in us to administer and safeguard your most valuable data assets. We take that responsibility very seriously here at RDX.” Stating that we take that responsibility seriously is kind of like saying the Titanic sprung a small leak.
Although the importance of a well thought out and detailed documentation library is blatantly obvious, creating documentation is the task most often postponed by an overworked DBA unit.
Documenting processes, procedures and best practices is a task that is often considered to be boring and mundane. Most DBAs would rather perform virtually any other activity than sit in front of a screen using a word processor. As a result, creating documentation is often postponed until the DBA has a little free time to kill. Today’s database administration units are operating with smaller staffs, tighter budgets and ever-increasing workloads. The end result is that the documentation is either never created or created and not kept current.
However, a robust detailed documentation library creates an environment that is less complex, less error-prone, reduces the amount of time DBAs spend learning new database environments and reduces the overall time spent on day-to-day support activities. DBAs are able to spend more time administering the environment rather than finding the objects they are trying to support and the processes and programs used to administer them.
The nature of my business as a remote services provider demands excellent documentation. The majority of environments we administer weren’t designed by my organization. The only way that we can ensure high quality and high-speed administration of these environments is to document them thoroughly. We document everything from initial connectivity and customer contact sheets to detailed information on database and server information, batch job streams and individual program execution (what it does, run-time windows). If we need to be aware of it, we have it documented.
Documentation is also the foundation of many of the other disciplines I will be discussing in future blogs. Let’s continue our discussion with a few helpful hints to get you started.
Understanding the Important Role Good Documentation Plays
We all generally understand the benefits that documentation provides. I think that all readers will see the importance I personally place on documentation in upcoming blogs.
Let me reaffirm my opinion in this one sentence: Good documentation is the foundation that high-quality data infrastructure services are built upon.
Creating an Organizational Environment That Fosters Good Documentation
I’ve been the Vice President of Service Delivery at RDX for 6 years now. It is my responsibility as manager to create an environment that fosters the production of robust and high-quality documentation. Let me describe some of the challenges that I have faced in the past at other organizations and how I have overcome them.
Since I view high quality documentation to be my responsibility as a manager, I ensure that it becomes part of every DBA’s performance appraisal criteria, including my own. If it isn’t on my, and my unit’s, performance appraisal forms, I will ask to have it added or make my own personal addendum and notify both the DBA team and management that I have done so.
I will add time for documentation when I estimate the amount of time it will take me to perform an administrative task during project planning meetings. I don’t settle for “we can do that after the project is complete” as an answer.
If you continuously sell the importance of documentation, sooner or later, you will begin to wear your opponents down. Although I prefer to call it “being relentless,” I’m sure that many of the application development managers (and my own managers) viewed it as “being a ….” (insert your favorite description here).
Every document I have created that provides a list of activities I , or my unit, need to perform during a project has documentation included. It helps to integrate it into the fabric and culture of my organization’s environment.
Making Documentation Second Nature
You also need to ensure that generating documentation becomes a natural part of your daily activities. You must continuously remind yourself that documentation is a primary and integral part of providing high-quality support services to your customers.
You must also remind yourself that it makes your job easier and benefits your fellow DBAs. It is a recipe for disaster when a fellow DBA needs to be out of the office for a time and asks another DBA to “help them out” by performing a complex, application-specific administrative activity and then tries to verbally tell them how to perform the 326 steps it takes to execute it.
Did you ever try to refresh an ERP application test environment from production when that test environment doesn’t have enough space to hold all of production’s data? 4,000 steps later, you begin to second-guess your choice of professions. That was the exact request from one of my fellow DBAs when I first started in this profession, and it quickly taught me the importance of good documentation. Not only did he get me to do the refresh, but I also had to document the process for him along the way. Some call that being a good coworker; I would view that as having a big sucker taped to my forehead.
The moral of this story is this: If you don’t want to be the only one that can perform that 900 step ERP application production to test refresh, document it! If you don’t want to be called by the on-call DBA because he doesn’t know exactly where to add a file in an emergency situation (like someone forgetting to tell you that they were loading 10 million additional rows into that 100 row table), document it! The more you document, the easier your life as a DBA becomes.
I’ve never had a photographic memory. It makes generating documentation easy for me. I also like to write, and that helps, but I will admit that there are times that I would rather perform virtually any other activity than document.
However, it has become easier because I continuously reaffirm to myself the importance of documentation. The more you reinforce that to yourself, the more second nature (and easier) it becomes.
Making Documentation Easy
I’m a huge fan of documentation templates. Here at RDX, we have templates and Standard Operating Procedures for everything we document. If it is repeatable or a complex process, we have an SOP for it. We have templates for documenting connections to our customers’ environments, their backup and recovery environments and their application specific processes, to name a few. If it needs to be documented on a regular basis, we have a template for it. We also have generic templates for documenting environments and activities that don’t fit into other templates.
Word Documents and Templates
Word document templates provide many features that streamline the documentation process and help to improve the quality of the content they store. I try to take advantage of as many features as I can. I use drop-down selection menus, check boxes and radio push buttons to improve the speed and quality of the documentation process. I also take advantage of the help pop-up feature that Microsoft Word provides to create a detailed description of what information is to be entered into that field, check box or radio button.
We heavily utilize Wikis to intelligently and securely display information about the environments we are tasked with supporting. A common, menu-driven interface has been designed, tuned and tweaked over our 20 year history. The Wiki’s contents include customer contact and escalation information, detailed database/server information, customer change management procedures, RDX DBAs assigned to the account, on-call team assigned, non-sensitive connection information (VPN type, VPn vendor, etc) and job information. The Wiki page also links to current tickets, current time cards and a history of past problems contained in our problem resolution library.
The Wiki content is controlled by a well-defined change management procedure and relies upon Wiki templates to ensure information is stored and displayed in a common format that adheres to RDX specifications. Once again, templates help improve the quality of content, speed data entry and ensure a uniformity of display pages and menus. We constantly review the Wiki for content and usability as well as leverage new Wiki features as they are released.
Database-Driven Content Managers
There are dozens of software companies that offer content management solutions. Database vendors have also recognized this as a lucrative market. All of the major database vendors now offer advanced content management software, each one trying to outdo the other in the number of bells and whistles that their products offer. Do a quick search on Google for documentation content management software, and you will find out just how many competing products there are.
Content management products offer check-in/check-out features, document versioning, web portal access and advanced workflow capabilities to name just a few of the features designed to improve content management. The competition in the content management market space is fierce to say the least. Content management vendors know that continuously adding new bells and whistles to their products is not just important for increasing market share, but it also is critical for their survival. Product costs can range from thousands to tens of thousands of dollars (or more).
If you have the funds and your management understands the benefits that a full-blown content management package provides, by all means begin a content management product analysis. But if you don’t have the funds, create a shared drive on your network and declare it to be the “DBA Documentation Portal.”
What to Document
By all means, this is not an all-inclusive list of what can be documented. Consider it as a starter kit to help you begin your quest for “documentis nirvanas.” Is some of this overkill for your particular environment? Maybe, but just consider this a general, high-level list. Since most readers will work for a single organization, I’m focusing my recommendations on DBA units that support one corporate environment.
Database Environment Documentation
- Naming conventions
- Servers (server names, operating system release, hardware vendor)
- Databases (vendor, database version, features enabled)
- Application type (i.e. data warehouse, online transaction processing, decision support, third-party application name and functionality it provides).
- Business unit requirements and related information for supported databases
- Uptime requirements (i.e. 24 X 7, 8 X 5)
- Database downtime windows
- Critical job processes
- Business unit and application developer contact lists
- Turnover windows for database changes
- Problem notification and escalation procedures
- Security sensitivity- How sensitive is the data?
- Repeatable administrative processes (covered in an upcoming blog)
- Backups – Probably the most critical set of documentation you will ever create- Document how it is backed up, what scripts back it up, where the backup is going to, retention periods and backup message directories. If it is involved with a backup, DOCUMENT IT. Review the document with other units that are involved in the backup and recovery process. It is your responsibility to ensure that you don’t hear an operator say, “What retention period? Nobody told me we were to have a retention on these files” when you are in a recovery situation. Remember that Oracle states that human error, including miscommunications, is responsible for over 90% of failed recoveries. If you want to reduce recovery failures, DOCUMENT THE PROCESS AND REVIEW IT.
- Anything else you run on a regular basis to support a specific application
- Change management- I’ll be spending an entire blog, or two, on this
- A daily monitoring activity checklist to ensure that no activity is missed- We have daily, weekly and monthly activities that are to be performed for each of our customers
- Complex administrative activities performed regularly
- Test and reporting database refreshes
- Data reorganizations
- Disaster recovery tests- The processes required to perform the recovery AND the criteria that will be used to evaluate whether it was successful or not
- DBA-specific stored PL/SQL and TSQL programs
- Day-to-day support scripts (where they are and what they do)
- Monitoring scripts (where they are and what they do)
- Scripts used to perform database administrative changes- I personally utilized specific directories that provide output from critical database changes that I have performed and other directories containing the SQL used to make that change
- Operating system scripts- Document what the script does in the beginning of each of your scripts. Did you ever try to determine what a 400 line script does that was created by someone who knows much more about UNIX scripting than you do? We have all been in that position at one time or another during our career. Make it easy on your coworkers to understand what the script does by putting comments at the top of the script as well as in the body. Also keep a running history of script changes, what they were and the time they were made
Database Administration Unit Organizational Documentation
- Contact Information
- DBA roles and responsibilities- Which applications, databases and tasks they are responsible for supporting
- DBA unavailability- Allows application developers to plan for a DBA not being available
It is a good practice to distribute this information to all business units supported by the database administration unit.
I hope you enjoyed this blog on documentation and the important role it plays.
Effectively being able to store and manage big data is more than simply having a lot of hard disk space.
The variety and complexity of the information produced by Internet-connected assets has forced database administration services to adapt to new processes and environments. Their focus on accessibility and security hasn't wavered, but the manner in which they approach these priorities has transformed.
Solving the puzzle: structured and unstructured data
BrightPlanet, a company that specializes in harvesting data from the Internet, outlined the differences between unstructured and structured data. While volume has always challenged databases to hold massive troves of organized intelligence, one of the chief difficulties resides in the act of actually arranging it.
- Structured: Pertains to data that is highly constructed and easy to query and is typically held in relational database systems. A spreadsheet is an example of structured information.
- Unstructured: Applicable to data that doesn't subscribe to a particular architecture and is usually stored in NoSQL databases, which run complex algorithms to create environments capable of managing it. Social media posts are examples of unstructured information.
What does this mean for remote database services?
According to MongoDB, conventional DBA practices needed to become more agile in order to be able to query large collections of unstructured data, giving birth to NoSQL databases. This access language sanctioned the development of "document" storage, which has spawned the following benefits:
- Documents are regarded as independent entities, which makes it simpler to transport data across multiple virtual locations.
- SQL queries don't need to be translated from object to application.
- Because a document contains whatever values the software language requires, unstructured data is easy to store.
In response to this development, DBAs learned the administrative languages and tools needed to launch and manage document-based data environments.
Different program, same responsibilities
As one can imagine, DBAs are still expected to perform the same database active monitoring tasks they have been around since the inception of digital information storage. There are also a number of additional responsibilities these professionals are undertaking:
- Understanding how clients plan on using the data. Are they simply looking to scrutinize it or allow applications to make intelligent decisions with it?
- Securing firewall access. What tactics are cybercriminals employing in an attempt to penetrate these environments?
- Managing and monitoring performance. How well are software deployments adapting to unstructured data?
Outsourcing to DBAs knowledgeable in contemporary enterprise needs and NoSQL databases may be a good tactic for organizations to use.
As hospital personnel continue to access patient records through mobile devices, health care organizations are taking new approaches to database security.
Assessing initial requirements
The best way for CIOs in the medical industry to measure the performance of their server protection strategies is to ensure all software deployments are compliant with the Health Insurance Portability and Accountability Act. Information Week contributor Jason Wang acknowledged the basic requirements HIPAA obligates mobile applications and networks to possess:
- Authorized, defended user access to protected health information
- Encryption features that hide sensitive data from unsanctioned personnel
- Routine security updates to eliminate bugs or loopholes in the network
- A remote access data elimination feature that can be activated by administrators in the event a mobile device is lost, stolen or compromised
- A solid business continuity/disaster recovery framework that can be tested on a regular basis
With these points in mind, health care organizations would greatly benefit from having a third party develop an enterprise-wide mobile application for their facilities. Salesforce CRM in particular is a solid option for those looking to install such an implementation, primarily due to its reputation for having HIPAA-compliant security features.
The risks involved
Many medical professionals believe employing a mobile network will help their subordinates allot more attention to patients. While this concept may be true, there are a number of threats that left unacknowledged could infect such a system. Having a third-party company constantly conduct database active monitoring tasks is imperative to deterring the following dangers:
- Mobile devices, as well as wearables, are easily misplaced, meaning that those who come across these mechanisms could access private patient information
- As a number of health care providers are communicating with patients through social media – malware and other Web-based attacks could be funneled through such mediums to infect devices.
- Because mobile keyboards are rudimentary, users are more likely to use uncomplicated passwords that can easily be unmasked.
Be a smart user
Database administration needs aside, health care companies must also provide personnel with a secure line of communication. HIT Consultant noted that text messaging is a solid way for hospital staff to transfer information quickly and on the go, but the avenue lacks the encryption technology necessary to keep these communications secure.
Installing an encoding program geared specifically toward mobile text messaging is a good move to make. However, employees should also be cognizant of the fact that they should not explicitly share vital information, if they can help it.
Aside from the techniques they use, the most dangerous tool hackers have at their disposal is the ability to network with organized criminal syndicates.
Many experienced deviants who have made an unorthodox, yet profitable career out of unlawful behavior have realized that the Internet provides them with relatively safe avenues to steal money. These figures hold no biases regarding who they target, attacking enterprise servers and consumer computers.
The best way to deter these persistent criminals from succeeding is by employing database activity monitoring, malware detection software and staff members skilled in the craft of information protection. The latter factor is particularly important, as those who have encountered aggressive cyberattacks likely know how to defend networks against them.
The strength of a network
According to PC World, French and Romanian officials razed a cybercriminal organization comprised of Romanian citizens, who used malware to infect the databases of money transfer enterprises in Germany, Norway, the United Kingdom, Austria and Belgium. European law enforcement agency Europol noted the figures used remote access Trojans to infiltrate the systems, allowing them to conduct unsanctioned transactions.
The Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT), reported that the illicit organizations would deliver fictitious money transfers from sham people to real recipients. In one instance, a franchisor lost $800,000 as a result of the scheme.
Cybercriminals are recognizing that enterprises have been tightening database security in response to such attacks, leading them to utilize more sophisticated techniques. ZDNet contributor Charlie Osborne referenced Gyges, a form of espionage malware engineered by government developers, as being one of the most difficult deployments to detect.
She cited a recent report conducted by Sentinel Labs, which surmised that the malicious software likely originated from Russia and is "virtually invisible." The program can remain active for long periods of time, unbeknown to victims. Hackers are now reengineering Gyges to create more advanced ransomware and rootkits, the latter of which are codes that shield covert processes from detection.
One of the characteristics that makes Gyges so tricky is its ability to infiltrate systems when users remain inactive, a significant digression from processes employed by conventional malware. In addition, Gyges is capable of transporting other forms of malicious code that can be initiated once the desired target has been reached.
Between organized criminal networks and government-grade malware at the disposal of cybercriminals, it's safe to say organizations need to find ways to optimize their database protection.
The post Cybercriminals using more tools, are better connected appeared first on Remote DBA Experts.
Companies new to the world of cloud computing often express apprehension in regard to security.
Unsure as to how internal teams are supposed to deploy effective protection, a number choose to outsource to database administration services capable of monitoring all network and server activity around the clock. As there are so many such companies to choose from, some enterprises are unclear as to what they should be looking for.
Gilad Paran-Nassani, a contributor to SYS-CON, acknowledged the puzzle organizations encounter when weighing cloud deployment capabilities with IT defenses. He outlined a number of points leaders should be sure to cover before signing a contract with a database security provider:
- Define who can access information: In addition to assigning company personnel the authorization codes, organizations should get a clear idea of who on the DBA end of the operation can obtain and view data. Any opacity in this regard should be thoroughly assessed.
- Know how data is encrypted in the cloud: The CIO and managers of the DBA service should sit down and outline how information will be hidden during transfers. Make sure there are no loopholes in the procedure and that it can be adjusted to new security needs.
- Conduct a background check: Get into contact with the prospective DBA's customers and ask them questions regarding their own experiences. In addition, ask the business to provide a list of any credentials pertaining to cloud platform protection.
What to look for
When seeking out a company that can provide remote database management for cloud environments, or on-premise solutions for that matter, there are a number of enterprise characteristics businesses should favor. MSPmentor contributor Michael Brown outlined four elements executives should look for when speaking with DBA services face-to-face:
- A fundamental concept: If the professionals on the other end of the table have a unique approach to how they tackle security, then they're most likely a sure bet.
- Honesty: A cloud security provider that acknowledges past mistakes and explains how it has evolved from those mishaps is filled with motivated, adaptable individuals.
- Transparency: When answering tough questions, a DBA should divulge its capabilities and shortcomings so trust can be quickly established.
- Commitment: Dedication should go beyond day-to-day security amenities. A DBA must seek ways to improve protection while ensuring system workability on a consistent basis.
As one can observe, selecting the right DBA to protect enterprise cloud environments requires human characteristics as well as technical ability. These considerations will help organizations find the right fit.
The post What to look for in a cloud database security company appeared first on Remote DBA Experts.
A reputed professional recently discovered a bug in one of Oracle's key security implementations, which may prompt some of its customers to seek active database monitoring solutions.
A good start, but needs work
According to Dark Reading, David Litchfield, one of the world's most well-recognized database protection experts, recently discovered a couple of faults in Oracle's redaction feature for its 12c servers. The defensive measure allows database administrators to mask sensitive information from malicious figures.
Although Litchfield regarded the feature as a good deployment, he asserted that a highly skilled hacker would be capable of bypassing the function. He noted that employing a type of Web-based SQL injection is a feasible way for an unauthorized party to gain access to information. Litchfield is expected to demonstrate this technique among others at Black Hat USA in Las Vegas next month.
"To be fair, it's a good step in the right direction," said Litchfield, as quoted by the source. "Even if a patch isn't available from Oracle, it's going to protect you in 80 percent of the cases. No one really know how to bypass it at this point."
Although Oracle is working to mitigate this problem, enterprises need to wonder what's going to protect them from the other 20 percent of instances. Having a staff of remote database support professionals actively monitor all server activity is arguably the most secure option available.
Specifically, Oracle customers require assistance from those possessing the wherewithal to defend databases from SQL injection attacks. Network World outlined a few situations in which this invasive technique has caused harrowing experiences for retailers:
- In the winter of 2007, malware was inserted into Heartland Payment Systems' transaction processing system, resulting in 130 million stolen card numbers.
- In early November 2007, Hannaford Brothers sustained a malicious software attack that led to the theft of 4.2 million card access codes.
- Between January 2011 and March 2012, a series of SQL injection endeavors against Global Payment Systems incited $92.7 million in losses.
Take the simple steps
Network World acknowledged the importance of treating routine processes as critical features. For example, forgetting to close a database after testing the system for vulnerabilities is negligence that can't be afforded to transpire.
In addition, it's imperative that enterprises understand the mapping of their database architectures. This protocol can be realized when organizations employ consistent surveillance of all activity, allowing professionals to see which channels are the most active and what kind of data is flowing through them.
The post Oracle users may require remote database management appeared first on Remote DBA Experts.
As hurricane season gets longer and businesses grow more reliant on technology, having a smart disaster recovery plan in place is essential. A major part of maintaining database security involves ensuring that the system can be rebooted or accessed in the event of a major power outage.
Eric Webster, a contributor to Channel Partners Online, referenced a survey of 600 small and medium-sized businesses conducted by Alibaba.com, Vendio, and Auctiva in 2013, noting that 74 percent of respondents have no DR/business continuity plan in place. Another 71 percent of SMBs lack a backup generator to keep the data center running.
Essentially, this means that a large number of enterprises won't be able to conduct any activities in the event their operations shut down. Because technology is so heavily integrated into day-to-day workflows, professionals don't realize how mission critical databases are until they can't be accessed anymore.
Battening down the hatches
So, what can be done to prepare for a data center outage? TechRadar noted that implementing a DR/BC strategy involves a step-by-step process:
- If working with a cloud services provider, partner with a company known for building accessible, recoverable infrastructures.
- Set up data centers in easily reachable, strategically placed locations to exercise a low risk of failure.
- Figure out whether a dedicated communications link or a virtual private network is the best way to connect with databases.
- Regularly conduct tests on the system, which should be measured by performance and task completion.
Webster acknowledged the benefits of hiring a remote database support service to initiate DR/BC tests, manage and organize recovery strategies and monitor databases 24/7/365.
The key advantage of outsourcing to a managed services provider is that in the event a major storm is forecasted, database administrators can quickly implement backup strategies so that applications, stored information and platforms aren't lost.
With DBAs in mind, it's important to acknowledge that many such professionals now offer Recovery-as-a-Service, working with cloud environments to launch and maintain DR/BC. Webster outlined how this process works:
- An enterprise's tangible and/or virtual databases deliver images of their environments to the cloud on a regular basis
- If a super storm shuts down a data center, its virtual version can be maintained by and accessed through the cloud environment.
Webster acknowledged that this service model is more affordable than conventional DR/BC strategies. Recovery can occur more quickly and separate hard disks containing data identical to the information in on-premise servers don't need to be used.
In an effort to keep up with the times, many financial institutions have implemented e-banking applications that allow customers to access and manage their finances on the Web or through their smartphones.
Although electronic solutions may boost satisfaction rates and make it easier for account holders to transfer funds, they can cause major database security woes if proper protective measures aren't taken. As of late, there have been two kinds of malware banks have had to contend with.
Attacking the mobile arena
Because it's easy for consumers to get caught up in the luxury of viewing checking information on their smartphones, many forget to follow necessary, defensive protocols. According to ITPro, a new remote access Trojan, named com.II, is targeting Android devices and zeroing in on users with mobile banking applications.
The source noted that the malware abides by the following process:
- Undermines any security software that's installed
- Scans the device for eBanking programs
- Replaces any such tools with fraudulent ones
- Implements fabricated application updates
- Steals and delivers short message service notifications to access contact lists.
Paco Hope, principal consultant with Cigital, a firm based in the United Kingdom, surmised that the malicious software could infect global banking populations, as it's capable of being manipulated to abide by different languages.
To prevent the program from entering bank accounts and stealing funds, active database monitoring should be employed by enterprises offering e-banking apps. Com.II has the ability to conduct thorough surveillance of individual checking and savings records, allowing the malware's administrators to potentially carry out transactions.
Under the radar
Many programmers harboring ill intentions have found a way to make malicious software basically unrecognizable. MarketWatch acknowledged a new breed of malware, dubbed Emotet, that tricks people into giving it access to bank accounts. The news source outlined the deployment's protocol.
- Spam messages are sent to victims' emails
- The contents of those notices detail financial transactions and include links
- Upon clicking the link, the malware activates code that sits in browsers
- Once a person visits a bank website, the program can monitor all activity
Trend Micro Vice President of Technology and Solutions JD Sherry asserted that the language used within the encoded messages appears authentic. This makes it easy for individuals to fall victim to the scam.
The administrator's side of the equation
Although it's important for e-banking customers to install adequate malware protection programs, the enterprises administering electronic solutions must find a way to defend their accounts. Constant database surveillance needs to be employed so that security breaches don't get out of hand in the event they occur.
The post Malware stirs database security concerns for banks appeared first on Remote DBA Experts.
Leveraging Collective Knowledge and Subject Matter Experts to Improve the Quality of Database Support
The database engine plays a strategic role in the majority of organizations. It provides the mechanism to store physical data along with business rules and executable business logic. The database’s area of influence has expanded to a point where it has become the heart of the modern IT infrastructure. Because of its importance, enterprises expect their databases to be reliable, secure and available.
Rapid advances in database technology combined with relatively high database licensing and support costs compel IT executives to ensure that their organization fully utilizes the database product’s entire feature set. The more solutions the database inherently provides, the more cost effective it becomes. These integrated features allow technicians to solve business problems without the additional costs of writing custom code and/or integrating multiple vendor solutions.
The issue then becomes one of database complexity. As database vendors incorporate new features into the database, it becomes more complex to administer. Modern database administrators require a high level of training to be able to effectively administer the environments they support. Without adequate training, problems are commonplace, availability suffers and the database’s inherent features are not fully utilized.The Benefits of Collective Knowledge
Successful database administration units understand that providing better support to their customers not only comes from advances in technology but also from organizational innovation. The selection of support-related technologies is important, but it is the effective implementation and administration of those technologies that is critical to organizational success.
Database team managers should constantly leverage the collective knowledge of their entire support staff to improve the quality of support the team provides and reduce the amount of time required to solve problems.
One strategy to build the team’s expertise is to motivate individual team members to become Subject Matter Experts in key database disciplines. This strategy is performed informally hundreds of times in IT daily. A support professional is required to perform a given task and “gets stuck”. They spin their wheels and then decide to run down the hall and find someone they feel can provide them with advice. They consult with one or more fellow team members to solve the problem at hand.
The recommendation is to have a more formal strategy in place so that each team member, in addition to their daily support responsibilities, becomes a deep-dive specialist in a given database discipline. Their fellow team members are then able to draw from that expertise.Increasing the Efficiency of Support- Subject Matter Experts
The database environment has become so complex that it precludes database administrators from becoming true experts in all facets of database technology. RDX’s large administrative staff allows it to increase efficiency by creating specialists in key database disciplines. In addition to expertise in providing day-to-day support, each of RDX’s support staff members is required to become an expert in one or more database disciplines including backup and recovery, highly available architectures, SQL tuning, database performance, database monitoring, UNIX/Windows scripting and database security.
RDX allocates the support person with the highest-level skill sets in that particular task to provide the service requested by the customer. This methodology ensures that the customer gets the most experienced person available to perform complex tasks. Who do you want to install that 5 node Oracle RAC cluster? A team member that has limited knowledge or one that has extensively studied Oracle’s high availability architecture and performs RAC installations on a daily basis?
Although your team may only consist of a ½ dozen administrators, that doesn’t mean that you aren’t able to leverage the benefits that the Subject Matter Experts strategy provides. Identify personnel on the team that are interested in a particular database support discipline (i.e. security, database performance, SQL Performance, scripting, etc.) and encourage them to build their expertise in those areas. If they are interested in high availability, send them to classes, offer to reimburse them for books on that topic and/or allocate time for them to review HA specific websites. Focus on the areas that are most critical to the needs of your shop. For instance, is your company having lots of SQL statement performance problems? A sound strategy is to have one of your team members focus on SQL tuning and support them throughout the entire educational process.
Also consider special skills during the DBA interview and selection process. At RDX, we always look for candidates that are able to provide deep-dive expertise in key database support disciplines. We have several DBAs on staff that have strong application development backgrounds including SQL performance tuning. This was in addition to possessing a strong background in database administration. We use the same strategy for HA architectures, and we look for candidates that have strong skills in any database advanced feature. We’re able to leverage that expertise for the customer’s benefit. The same strategy can be applied to any size team. Look for candidates that excel in database administration but are also strong in key areas that will improve your ability to support your internal customers.
In addition, you can also draw expertise from other teams. For example, you may have access to an application developer who is strong in SQL coding and tuning or an operating system administrator that excels in scripting. Build relationships with those personnel and leverage their experience and skill sets when needed. Ask them to provide recommendations on training to your team or assist when critical problems occur. Technicians are usually more than happy to be asked to help. Just make sure to be courteous when asking and thank them (and their manager) when they do help out.Reducing Downtime Duration by Faster Problem Resolution
RDX’s large staff also reduces the amount of time spent on troubleshooting and problem solving. RDX is able to leverage the expertise of a very large staff of database, operating system and middle-tier administrators. Additionally, RDX is able to leverage the team’s expertise to provide faster resolution to database performance issues and outages. Since the support staff works with many different companies, they have seen a number of different approaches to most situations.
Ninety-nine percent of our support technicians work at the same physical site. This allows RDX to create a “war room” strategy for brainstorming activities and problem solving. All technicians needed to create a solution or solve a problem are quickly brought to bear when the need arises. Support technicians come from varied backgrounds and have many different skill sets. RDX is able to leverage these skills without having to search for the right person or wait for a return call. Work can take place immediately.
This “war room” strategy works for any size team. When a significant issue occurs, leverage the entire team’s skill sets. Appoint yourself to be the gate keeper to ensure that the team remains focused on the goal of quick problem resolution and that the conversation continues to be productive. Brainpower counts, and the more collective knowledge you have at your disposal, the more effective your problem resolution activities become.Conclusion
Corporate information technology executives understand that their success relies upon their ability to cut costs and improve efficiency. Decreasing profit margins and increased competition in their market segment force them to continuously search for creative new solutions to reduce the cost of the services they provide. They also realize that this reduction in cost must not come at the expense of the quality of services their organization delivers.
RDX invites you to compare the benefits of our organizational architecture and quality improvement initiatives to our competitors, your in-house personnel or your on-site consultants. We firmly believe that our Collective Knowledge Support Model allows us to provide world class support.
The prevalence of the bring-your-own-device trend has incited new database security concerns while simultaneously improving employee performance.
Enterprises don't want to sacrifice worker productivity and happiness simply because server activity can't be properly managed. There's no reason to abandon BYOD. All it requires is assiduous surveillance, new usage protocols and network optimization.
The biggest concern comes within
Every organization has at least one staff member who couldn't be more dissatisfied with his or her current work situation. The idea of the disgruntled employee may seem somewhat cartoonish, but it's important that businesses consider the situation as a serious threat to data confidentiality.
Chris DiMarco, a contributor to InsideCounsel, acknowledged that mobile devices can be useful assets to personnel harboring ill intentions. David Long-Daniels, co-chairman of Greenberg Traurig's Global Labor & Employment Practice, noted that malicious activity can be carried out through smartphones in a number of ways, and it all starts with willingly sharing information.
"What happens if an individual leaves and you don't have a policy that allows you to wipe their device?" Long-Daniels posited, as quoted by the source.
Set up a protocol
Thankfully, there's a way you can deter malevolent employees from stealing critical information. Bret Arsenault, CIO of Microsoft and contributor to Dark Reading, noted that the software developer has successfully deterred deviancy by implementing database active monitoring and segregating personal and corporate data. He acknowledged that any device accessing company email must:
- Encrypt the information on the mechanism
- Be activated by a PIN
- Enable remote management and application updates to protect Microsoft's programs
Handling transactions off-premise has been a significant boon for Microsoft. The organization consistently deploys products that act as administrators between its own databases and the personal devices of employees. In addition, the solution allows Microsoft to remove any corporate intelligence from devices in the event the user leaves the enterprise.
Implement an access strategy
Depending on what hardware an employee is using and how trustworthy a worker is deemed to be, Microsoft defines how much database access a person will receive. Arsenault maintained that the business asks the following questions:
- What kind of email solution is an individual using? Is it personal or corporate?
- Is his or her device managed and authenticated by Microsoft or handled solely by the employee?
- Is the mechanism being used from a known or unidentified location?
With the aforementioned approaches in mind and sound remote database support at their backs, enterprises will be able to benefit from the flexible workflow BYOD offers without suffering from security woes.
The post Microsoft’s database administration strengthens BYOD security appeared first on Remote DBA Experts.