The database is the heart of the modern business – is yours compliant?

Compliance has become a buzzword of late when considering the increase in legislative acts which organisations from across all industries and verticals must now comply with.

February 16, 2012

By Gerrit-Jan Albers, Service Delivery Manager at RDB Consulting

Compliance has become a buzzword of late when considering the increase in legislative acts which organisations from across all industries and verticals must now comply with. However, the concept of compliance reaches so much further than this alphabet soup of regulations. It delivers a best practice platform for businesses to adhere to, improving many aspects of the organisation. When it comes to the implementation, hardware, software, configuration and security guidelines of a database, compliance is crucial. Not only does database compliance eliminate many avoidable issues at all stages of the database lifecycle, it also ensures that support and troubleshooting run smoothly, and provides a number of additional benefits.

The concept of database compliance is not a new one.  It has gained prominence in recent years due to the ever-increasing numbers of databases and the realisation that data is of value.  Multiple types and hierarchies of users, from admin staff to power users, require access to the database through a number of channels, including access via the Internet. Therefore the requirements of database compliance have increased over time and exposure and database vulnerabilities have increased too.

Although the name might suggest otherwise, database compliance applies to more than just the physical database itself. It incorporates the hardware, the operating system (OS),  software, the database installation, configuration and security  In  order for these aspects that collectively make up the database to be successfully implemented and maintained, it is vital to follow the processes, procedures and recommendations as laid out by the vendors.  This compliance ensures that the database is running optimally, is secure and delivers the best possible productivity and uptime. All of these areas within database compliance impact performance and availability, making it vital to ensure that all aspects are correctly configured and work together optimally.

Since compliance, risk management, improved cost and increased productivity go hand-in- hand in all areas of the business, the importance of database compliance is clear. If the database and/or any facet of the database has not been implemented according to the guidelines and practices as recommended by the vendor, it is not compliant. This introduces risk into the organisation, which in turn can lead to downtime and other issues such as hacked databases, leaked data files and even SQL injections, all of which will impact upon both cost and productivity.

By adhering to vendor specific compliance guidelines, the ‘time to implementation’ of a new database is shortened as all of the material and documentation required for a tested and certified configuration is readily available. This eliminates the need for guesswork and testing, and also lessens on-going support costs as the database is set up correctly from the outset. Organisations can also protect themselves from risk and can be certain that configurations have been thoroughly tested to ensure that the database will function as expected. Vendor specific database compliance certifies that the database is constructed in such a way as to ensure optimal performance, according to tried and tested methodology.

This compliance also guarantees that certain standards are met with regard to the implementation and maintenance, which enables a far simpler troubleshooting process that shortens resolution time for faults. When service requests need to be escalated to the vendor for resolution, the process is simplified since a compliant database will follow certain configurations no matter where it was implemented and by whom. If the support personnel understand the configuration as it follows vendor guidelines, solutions can be provided quickly at minimum cost. However, if an organisation deviates from the guidelines, the vendor is not obligated to provide support, since they cannot guarantee functionality on non-compliant configurations.

It is beneficial to engage with a specialist outsource provider in order to ensure that the database is configured according to vendor guidelines and best practices. While an in-house team may be able to access database compliance documentation and follow the guidelines to ensure the implementation is up to standard, specialist outsource providers have the experience and exposure to multiple environments to be able to contextualise this information and put it into practice. Furthermore, specialist providers have established on-going partnerships with vendors for better support and offers peace of mind in terms of agreed levels of service delivery.

In addition to ensuring the database is compliant at every step of the implementation, specialists are also able to make certain that the right functionality is available to the right people at the right time, with maximum uptime. This reduces risk, improves productivity, cuts costs and ensures compliance.