Regularly Treat Your Databases to a S.P.A.

“Today’s DBAs have responsibilities that go far beyond their traditional role of data custodian.”

I was reading the infographic that Idera published about their accidental DBA survey results last week and wasn’t surprised at all by the results. I considered myself an accidental DBA when I was starting out in the industry and can totally relate to the challenges of what it means to be one. But the database landscape has definitely changed for the past decade or so. I still remember the time when a 10 GB Oracle database is considered a very large database (VLDB) and the maximum server RAM was 2 GB.

But what really caught my attention is the percentage of time that DBAs spend their days working on.


I totally understand that DBAs spend most of their time addressing performance issues because of the evolving nature of accumulated data. In fact, I use the trend in the size of the database as an unofficial metric of an organization’s growth. But what I find interesting (and somehow disturbing) are these two:

  • 8% on security
  • 2% on backup and recovery

As database professionals, we are the caretakers of our organization’s data. Think about your house for a moment. Not only do you work hard to make your house a pleasant one to live in, you also make sure that it is secured and covered (think home insurance) in case something happens. I’m sure that even in a safe neighborhood, you don’t just leave your valuables outside nor play around with highly flammable materials on your garageĀ (unless, of course, you’re Tony Stark.)

I propose treating your databases regularly to a S.P.A.

  1. Security. If only 8% of the time is spent on maintaining security, can we guarantee that the databases areĀ safe? In a highly regulated industry, we are mandated to meet certain criteria in order to make sure that the data is not compromised. That’s why there’s PII and HIPAA. And the risks are higher today than it was 10 years ago. Take a look at this visualization of the world’s biggest data breaches. Shocking and scary, isn’t it? Whether you’re manually checking or automating the process, be sure to regularly check your databases for potential security loopholes.
  2. Performance. I can’t argue with this because this is on the top of the list of tasks in a job description. Just look at the job postings from the different job boards. Besides, this is the most visible aspect of our job as far as users are concerned.
  3. Availability. I’m biased with this, being a HA/DR guy. But when DBAs spend only 2% of their time dealing with backup and recovery, there must be something wrong. Either management does not understand the impacts of not having HA/DR on their mission-critical systems or DBAs don’t find it important. I might be wrong with my assumptions but the numbers speak for themselves. Similar to dealing with security, it doesn’t matter whether we perform these tasks manually or automating it, we need to make sure that we can meet out recovery objectives and service level agreements.

What about you? How much time do you spend on these three aspects of your database? Which one do you wish you had more time to work on?

Please note: I reserve the right to delete comments that are offensive or off-topic.

Leave a Reply

Your email address will not be published.

2 thoughts on “Regularly Treat Your Databases to a S.P.A.

  1. I’m one of those “Accidental DBA” and your workshop on HA/DR opened a lot for me. Yes, backup & recovery are important, really important. But, from my point of view, I can say that I don’t spend too much time on those tasks as everything is already automated. We have in place an automated process for the backups (thx Ola Hallengren) and another one that automatically copy to an offsite location and restore them. In case there is a failure on any of the steps, we immediately receive an alarm and then is time to drop everything and check what happened. That’s why I consider that maybe many there is not so much time spent on those 2 tasks. You spend some (or long) time to get it running automatically, configure needed alarms and off you go. From that point, I’ve spent looot more time on daily tasks, performance tuning or something else not related to backup and recovery.

    • Sir,

      I totally agree with your statement regarding “everything is automated.” Once everything is setup, configured and automated, there isn’t much to do at that point other than “validate” every once in a while. You spend time upfront designing, implementing and stabilizing a HA/DR strategy and – almost – forget about it. I don’t expect HA/DR or backup/recovery to take more than 15% of a DBA’s day-to-day task. But it helps to make it a part of regular checkpoints – maybe every quarter – and test failover and DR strategies to verify if they still meet recovery objectives. Same is true with regular security audits.

      Thanks for reading my blog.