How to Partner Cyber-Resilience with Business Functions for a More Secure and Profitable Institution

Numerous experts, including McKinsey & Company, have reported extensively on the topic of how cyber-resilience partnered with business functions equates to “a more secure and profitable institution.” Not surprisingly, most advise that cyber-resilience, security and profitability are among the top goals of virtually every business organization today and moving ahead into 2022. Where the dichotomy in opinion seems to begin is how best to achieve these goals.

HA + DR = Cyber-Resilience

In the database world, as well as elsewhere, high availability (HA) and disaster recovery (DR) are sometimes confused—or even considered to be the same thing. HA is the ability of a database and its associated services to operate continuously without failing and to deliver an agreed service level (SLA) of operational uptime, whereas DR is the ability to recover data/databases and maintain/regain services after an outage event, or a natural or manmade catastrophe. Ensuring just one or the other does not equate to cyber-resilience. You really must have both.

Microsoft SQL Server Remains a Priority but Can Be Challenging 

Microsoft SQL Server remains one of the most deployed relational database management systems (RDMS) in the world, serving as the underpinning of numerous business functions. In 2020, listed Microsoft SQL Server in the top three most popular databases. In the rankings article, author Jakub Romanowski stated, “Many companies trust Microsoft, use other solutions from this company, and do not want to include anything else in their IT ecosystem.” He added, “Every dollar you spend on learning MS SQL Server will pay off.”

What’s more, Romanowski pointed out that Microsoft also offers the cloud-based Azure platform. This means that organizations can avoid installing MS Server on a physical computer by putting it on the cloud instead, Romanowski explained. “This facilitates database work for multiple users and also keeps things safer than a single onsite installation.”

Even so, ensuring database HA and DR is quite challenging, and there are multiple obstacles to overcome in several areas including:

  • Resilience
  • Security
  • Scalability (across not only on-prem locations but remote sites and clouds)

The fact is that while today’s world is connected, it is also very fragile. Organizations are tasked with providing database resiliency both between and within availability zones or regions. There are of course also security concerns: even as data continuously moves between isolated networks (including availability zones and regions), companies must ensure the integrity of that data. What’s more, enterprises must also keep scalability top of mind. In response to quickly changing behaviors and expectations, businesses must find a way to not only manage the number of database instances but additionally scale them.

The Primary HA/DR Challenge

To ensure optimal remote data protection, users of the new class of cloud-based Microsoft SQL Server must determine how to reliably harness the full power of SQL’s DR capabilities and HA for local HA. But there’s been a key obstacle until recently, one that has a big impact on SQL Server. If your company wanted to use SQL Server on Linux for both HA and DR, you had to choose between two “evils,” so to speak:

  • The first suboptimal choice was to use a Pacemaker-based solution. For DR, this relies on virtual private networks (VPNs) while needing separate clusters for availability groups and HA instances.
  • The second option, also not ideal, was to use VPNs for DR and combine HA SQL Server instances with another solution for data replication—whether replicating the full virtual machine, storage, block-level, and so forth.

The result of attempting to implement all of this—clusters for SQL Server availability groups (AGs), Pacemaker, and VPNs—could be aptly described as a cobbled together “Frankenstein” effort that doesn’t work well. It not only lacks scalability and fails recovery time objective (RTO) and recovery point objective (RPO) requirements, but it also has insufficient data security due to VPNs. Lastly, such a “science project” is costly and not financially sustainable.

Shifting Gears to a More Effective Use Case

Let’s compare the difference between the “Frankenstein” method described above and a more effective solution—smart availability software that runs on top of SQL Server. Take the example of a large fintech company that considered using a SQL Server AG, Pacemaker clusters and direct network connections. This financial services firm found the proposed architecture had the following issues:

  • Local HA and DR architecture that was overly complex and unreliable
  • Cluster management that was problematic due to the hodgepodge of more than one incompatible clustering technology
  • Manual failover management between clusters and data centers, resulting in challenges with RTO from long system outages
  • A pricey infrastructure that required ongoing maintenance

Not happy with these results (and understandably so), the company sought a better solution. After implementing multi-platform smart availability clustering software to run on top of SQL Server, the fintech firm experienced better uptime and speedier transaction processing. The key was utilizing smart availability software for SQL Server that will solve several pain points in comparison to the first use case above:

  • Increasing the performance of SQL Server AGs
  • Simplifying SQL Server workload management
  • Responding to requirements from channel partners and end customers for better database resilience from SQL Server
  • Offering Zero Trust security
  • Providing scalability across clouds both public and private, and between locations both remote and on-premise

For an organization that needs to combine remote data protection with local HA, the company can conceivably slash its SQL Server costs in half.

Solving the Needs

The second use case of smart availability clustering software that runs on top of SQL Server has many clear advantages, centering around simple-to-implement, smart HA and DR, almost no downtime, workload portability, infrastructure freedom, and cost savings. With simple system management, evergreen infrastructure compatibility, and an easier, standardized local HA and DR architecture, this single cluster set-up creates the cyber-resiliency that enterprises need. Smart availability software:

  • Boosts RPO using micro-tunnels for three times the SQL Server AG performance
  • Allows for ultra-fast (sub-15 second) RTO
  • Facilitates easy end-to-end automatic failover management

Data safeguards are another benefit of this approach. In fact, you can find patented SDP technology with some of the latest smart availability software, which offers secure multi-site, multi-cloud network communications. Significantly, this type of software also removes the VPN lateral network attack surface, resulting in strong network security. Last but far from least, smart availability software saves on costs and offers a high ROI. It gets rid of server replication and the need to use VPNs, additional SQL Server licenses, and more than one clustering technology (Pacemaker or Windows Server Failover Cluster.)

Here’s the thing: While smart availability software isn’t the first enterprise data management system that offers HA clustering, other technologies are simply much less efficient in the cloud and between data centers. Since having both HA and DR capabilities is critical for cyber-resilience, new smart availability software is the way to go since it addresses the challenges that other solutions don’t, relying on cross-cloud, hybrid IT, and data center to data center clustering technology. The software works particularly well with Microsoft SQL Server and helps organizations deploy HA, distributed SQL Server clusters on both Linux and Windows. Finally, the software eliminates both the performance problems and complexity of traditional solutions, emerging as the clear winner when compared with other clustering, replication, and VPN technologies.