Why you should add cyber-resilience to your business functions

Why you should add cyber-resilience to your business functions

Colorado-based Don Boxley, Co-founder and CEO, DH2i, tells us how companies can achieve the ambitious vision of pairing cyber-resilience and business functions.

Don Boxley, CEO and Co-Founder, DH2i

What do you get when you pair cyber-resilience with security and profitability? In short, nothing less than the top goals of businesses in every industry.

A recent McKinsey & Company report emphasized how cyber-resilience combined with business functions provides organizations with ‘a more secure and profitable institution.’

But while those facts are clear, what’s less transparent is how companies can best achieve this ambitious vision.

The cyber-resilience equation

High availability (HA) and Disaster Recovery (DR) are often misunderstood, but they are not the same thing. Ensuring just one or the other won’t provide an enterprise with cyber-resilience; both are needed. In other words, HA + DR = cyber-resilience.

Some definitions are in order to really grasp the distinction between these two functions:

  • High availability: A database’s ability, along with its associated services, to continue to operate without failing while offering an agreed service level (SLA) of operational uptime.
  • Disaster Recovery: The ability to recover data and/or databases while maintaining and regaining services on the heels of an outage or catastrophic event.

The challenges of Microsoft SQL server 

While Microsoft SQL Server is still among the most popular relational database management systems worldwide, underpinning many business functions, it’s not without its challenges-particularly when it comes to ensuring database HA and DR. Some specific obstacles include resilience, security and scalability, keeping in mind that it must scale across on-premises locations, remote sites and clouds.

Here’s the thing: while our world today is certainly well connected, it’s also extremely fragile.

What I mean by that is that enterprises must provide database resiliency between and within availability zones or regions, not to mention the security concerns always looming over every organization’s data.

Even as data keeps moving between isolated networks, businesses have to prioritize ensuring that data’s integrity. In response to a rapidly morphing environment, businesses must manage not just the number of database instances, but also always consider scalability issues.

Choosing between ‘2 evils’

Users of the new class of cloud-based Microsoft SQL Server need optimal remote data protection, which requires figuring out how to leverage the full power of SQL’s DR functionality and HA for local HA. But there’s been something preventing this until recently, a major obstacle with a serious impact on SQL Server. In order to use SQL Server on Linux for HA and DR together, IT needed to select between two ‘evils’, so to speak:

  • Using a Pacemaker-based solution. For DR, this meant relying on virtual private networks (VPNs), with separate clusters for availability groups and HA instances.
  • Using VPNs for DR and combining HA SQL Server instances with another solution for data replication. This would be needed whether replicating the full virtual machine, storage, block-level, etc.

As you might guess, the resulting implementation-cobbling together SQL Server clustering for SQL Server AGs, Pacemaker and VPNs – is more like a suboptimal ‘Frankenstein’ effort. It lacks scalability, fails recovery time objective (RTO) and recovery point objective (RPO) requirements, and thanks to VPNs, has insufficient data security. This type of ‘science project’ is also quite expensive, making it unrealistic for many organizations.

A smarter use case

Rather than relying on the ‘Frankenstein’ method, a more effective solution is Smart Availability software, which runs on top of SQL Server. Here’s an example of what this might look like for a large fintech company, which initially considered using a SQL Server AG, Pacemaker clusters and direct network connections. This firm found the proposed architecture suffered from several problems:

  • Complex, unreliable local HA and DR architecture
  • Clunky cluster management because of the panoply of incompatible clustering technologies
  • Challenges with RTO from long system outages due to manual failover management between clusters and data centers
  • A costly infrastructure requiring continuous maintenance

Understandably disappointed with these results, the financial services company sought a superior solution and next implemented multi-platform Smart Availability SQL Server clustering software. The fintech company immediately enjoyed better uptime and quicker transaction processing. By leveraging Smart Availability SQL Server clustering software, the firm solved several pain points that made it the clear winner over the earlier use case: it increased the performance of SQL Server AGs, simplified SQL Server workload management, and responded to channel partners’ and end customers’ requirements for better database resilience from SQL Server.

This second use case also had the benefit of offering Zero Trust security and providing scalability across public and private clouds, and between remote and on-premises locations.

Last but not least, multi-platform Smart Availability SQL Server clustering software can help an organization that needs to combine remote data protection with local HA potentially chop its SQL Server costs in half.

In short, Smart Availability SQL Server clustering software eliminates the performance problems of traditional solutions, emerging as the clear winner when compared with VPN technologies.

There are many clear advantages to the software, from smart and simple HA and DR, to almost no downtime, workload portability, infrastructure freedom and cost savings. This single cluster setup creates the cyber-resiliency that enterprises need by offering simple system management, evergreen infrastructure compatibility, and standardized local HA and DR architecture.

Browse our latest issue

Intelligent CISO

View Magazine Archive