Documente Academic
Documente Profesional
Documente Cultură
Business uptime is critical to an organizations growth and revenue. In my earlier blog we read about the
importance of Data backup and recovery and how a well drafted recovery plan helps in getting your systems up
and running again quickly.
Typically businesses take a decision on an acceptable Recovery Time Objective (RTO) and a Recovery Point
Objective (RPO) for their systems based on the financial impact that they may suffer due to system unavailability.
There are many aspects that lead us to a selection of a data recovery mechanism and with advent of cloud base
storage solutions, organizations are presented with more options for data recovery model with this in tow, let us
compare data recovery in cloud with a traditional on premise datacenter.
Factor
Simplicity
Time
Cost
Now since we have established that for most of the applications and requirements a cloud based data recovery
service is better. Let us see some options for cloud data recovery.
Managed applications and managed DR
In this option, one puts both primary production and disaster recovery instances in cloud and have them both
managed by the CSP, With this one can derive and maximize the benefits of cloud computing such as pay as you
go and eliminating infrastructure investments
Organizations choosing this option must select the CSP with due diligence and negotiate a service level
agreement which is conducive for ones business objectives
Back up to and restore from the cloud
This option is a substitute for tape based offsite backups. In this approach the applications and data remain
on premise , with data being backed up on cloud regularly
When a disaster occurs, the data form cloud instance can be loaded on-premise and continue for the systems
to continue functioning
Back up to and restore to the cloud
Here, the data is stored in the cloud, but when the disaster occurs it isnt restored back on-premise, instead it
is stored in virtual machines in the cloud and start serving your business from there, which can easily be
achieved with Amazons Elastic Compute Cloud
Replication to virtual machines in the cloud
This approach is suitable for applications/data which are critical to a business and cannot suffer from
extended downtime.
These applications require a continuous data protection(CDP) to replicate changes in data immediately from
on-premise to cloud
Cloud provides many options w.r.t your requirements and budget especially for small and medium sized
businesses when compared to a traditional on premise data center. With growing adoption of cloud, we would
see more customization in data storage and tight recovery time SLAs.
References:
http://searchdisasterrecovery.techtarget.com/feature/Disaster-recovery-in-the-cloud-explained
I find this post interesting to note about business uptime which depends on the key considerations like
acceptable Recovery Time Objective (RTO) and Recovery Point Objective (RPO) for their systems based on the
financial impact that they may suffer due to system unavailability. I also find interesting about the cloud based
data recovery service.There are many aspects that leads us to a selection of data recovery mechanism and with
the advent of cloud based storage system,more organisations are moving towards it.
Data, whether its yours or your clients, small or large, on premise or in cloud, is pivotal to business growth. We
are all familiar with the advantages cloud based solutions bring to an organization in terms of flexibility, scalability
and agility. However due to security concerns businesses are in a dilemma over data backup and recovery in
cloud, as their confidential data will be handled by the cloud provider and they dont have full control over it. This
is one major roadblock, we can say which restricts application migration and data backup in cloud.
Let us consider that you have developed an application dealing with numerous financial transactions on a regular
basis (be it banking or ecommerce app with web and mobile access) by following all best practices and the
application is performing well with good number of concurrent users, handling security threats like cross site
scripting, DoS attacks etc. And you deploy the application on worlds leading cloud datacenter provider, say AWS,
Azure, Rackspace etc. who provides the best security for your data with the best antivirus, appropriate firewall
settings, providing communication over a secured channel, encrypted drives and what not. Your application is
generating millions of critical transaction records which enables you to function and provide service to your
customers and also gain interesting insights about them.
Now consider a situation when the datacenter location is compromised be it due to a natural calamity, a severe
power outage, hardware failure or data security breach. Also apart from these calamatic situations, there are
many more instances when you can lose access to your data either temporarily or forever. Following are some of
the data loss situations across IAAS, SAAS, PAAS and Cloud Storage in cloud
Ask if they provide secured multi location distributed file systems with data redundancy
Has your data been securely transferred and stored in the cloud?
Various Authentication options available for users- two factor model present?
The cloud providers reliability in terms of its availability and ability to serve your users in the event of a
disaster
In the next blog post in this series, we will discuss about Cloud Vs Traditional On Premise Data Recovery and the
various cloud data recovery options.
References:
http://searchstorage.techtarget.com/magazineContent/Blueprint-for-cloud-based-disaster-recovery
Data Security has rightly been among the top 5 priorities for CIOs for many straight years.
And nowadays with rise in building of applications having large user bases across the globe has resulted in
dynamic data usage patterns. Access routes have been increased to accommodate these patterns, and will
continue to do so. In this scenario making sure whether you business data is secure is pivotal to your growth.
With rise in cloud based and 3rd party storage solutions, adhering to data security standards and compliance
requirements around the globe, makes this problem statement further challenging.
One of the very important aspects of data security management is to ensure appropriate security controls are
applied at the core database level. The level of security required can be governed by the level of sensitive data
handled by the application. For example, an application dealing with Customers personal data and or financial
data would require more stringent security controls as compared to an application that deals with non-financial
data.
The applications need to be strong enough to hold fast to various data security related constraints by having all
the layers of application architecture secure enough. To bring robustness in your architecture for data security, it
is very important to have regular audit features at the database level for various events e.g. access patterns,
potential security breaches, malicious or unauthorized attempt to access data, potential weaknesses in
applications that may lead to breach in data security.
Audit Features in SQL Server helps in addressing these concerns and in making the data security policy robust.
SQL Server Audit offers various advantages and features in term of Security
With SQL Server one can conduct audit in two ways, one is, Instance level and other one is, database
level. For some cases we can define audit process at both levels.
SQL Server audit is fast and lightweight as compared to SQL Server profiler trace file. Because SQL
Server engine automatically manage the Audit event features and we can schedule a job for audit.
The setup of SQL Server audit can be very easy and manageable. By using T-SQL or Management
Studio we can easily configure the SQL Server audit feature.
Capture daily activities: In daily routine we are performing many activities on database level i.e. DML
and DDL operations. We can capture all these activities in audit log. If management wants to monitor DBAs
activities it can perform the audit job on both levels. We can capture and record individual user and object level
audit logs.
Viewing audit logs: we can view audit log on SQL Server itself or if required store physical hard copy of
the logs, on disk and import them from the disk to SQL server for analyzing the audit logs as and when
required.
Limitations of SQL Server Audit
Every coin has two sides, with benefits comes limitations. Here are the aspects which we can consider as SQL
server audit limitations:
As mentioned earlier, when SQL Server runs an audit job, most of the resources are used behind the
scene, hence audit jobs only run when required from security point of view and not on regular basis.
Its difficult to manage multiple instance audits from one centralized location. If required we need to write
some scripts for that.
Audit logs track each event at user level and object level. If we want to filter some events, this task has
to be performed manually.
We can view audit logs in audit viewer only. There is no inbuilt, up to mark report available. If required
we have to use SQL Server Reporting Services for that.
In a nutshell, Audit is a tool that allows Database administrators to capture all the events which were performed
on Database Server. My recommendation is, if you dont want to purchase any third party utility for Security of
your database, you can easily accomplish the same with Audit Feature.