Category: HA / DR

Security and High Availability Checklist for Database Application Vendors

Andreas Wolter has a new version of a checklist:

As a database application vendor, the security and reliability of your software are key competitive differentiators. As a Database Administrator, your priority is ensuring that hosted databases do not expose data or the environment to risk. To support this, we have developed a checklist designed as a blueprint for building secure-by-default, resilient data applications. Following this guidance not only helps you align with ISO 27001 controls but also ensures that your customers can trust your product against the backdrop of a demanding enterprise environment and an evolving threat landscape.

Click through for the list, as well as a PDF version of it. I had a couple of quibbles in my immediate reaction (especially avoiding CLR and triggers), but in fairness, as I thought about whether I’d trust rando vendor XYZ to get it right, I decided that this is good advice.

A Security and HA Checklist for Database Application Vendors

Andreas Wolter shares a list:

As a database application vendor, the security and reliability of your software are core competitive advantages. To help reach this goal, we have created a checklist which is meant to serve as a blueprint for designing data applications that are secure by default and resilient to failure, ensuring your customers can trust your product in demanding enterprise environments.

I think it’s a good set of criteria. And from the customer’s side, it’s easy to convert these into questions that you can ask vendors before deploying their software.

Backup and Recovery versus Disaster Recovery

Brendan McCaffrey draws a distinction:

It surprises me how many people treat “disaster recovery” and “backup & recovery” as interchangeable terms. But backups are not disaster recovery, and disaster recovery is not a backup strategy. Confusing the two creates a false sense of security that often becomes visible the moment something goes wrong. The goal of this post is to offer clarity on what separates these concepts, so you can design a strategy that actually protects your business, not just your data.

Read on for Brendan’s argument.

Business Continuity Options in Azure

Aleksey Vitsko enumerates available options:

You may be familiar with high availability (HA) and disaster recovery (DR) features that are available in SQL Server and have experience configuring and managing them. But you have ever heard of or tried Azure high availability or Azure disaster recovery features. How can I learn more about what Azure brings in terms of HA and DR for Azure SQL offerings – including SQL VMs?

Read on for a variety of options depending upon whether you’re using SQL Server on a VM, Azure SQL Database, or Azure SQL Managed Instance.

Windows Clustering for the DBA

Sandra Delany is perilously close to running afoul of Betteridge’s Law of Headlines:

Should a SQL Server DBA know how a Windows cluster works, and/or how to create a Windows cluster, or troubleshoot a cluster? Or should we, as DBAs, stay in our lane? In some organizations, a line is drawn between what a DBA can and can’t do and the System Administrator (SA) has the Infrastructure roles and responsibilities. This is fine, but that doesn’t mean a DBA shouldn’t know how to troubleshoot a FCI (Failover Cluster Instance) or AG (Availability Group) issue after an unplanned cluster-level failover. (Yes – you can create an AG without a cluster, but that will not be taken into consideration here.)

Read on for some quick tips to get ramped up on what is available in a Failover Cluster Instance.

Business Continuity in PostgreSQL

Warda Bibi lays out the basics of high availability and disaster recovery in PostgreSQL:

System outages, hardware failures, or accidental data loss can strike without warning. What determines whether operations resume smoothly or grind to a halt is the strength of the disaster recovery setup. PostgreSQL is built with powerful features that make reliable recovery possible.

This post takes a closer look at how these components work together behind the scenes to protect data integrity, enable consistent restores, and ensure your database can recover from any failure scenario.

This is mostly an architecture-level view, but then again, a lot of HA/DR is about making good architectural decisions.

The Basics of Log Shipping

Kevin Hill explains why log shipping is still a viable disaster recovery approach, 25 years later:

In a world where shiny new HA/DR features get all the press, there’s one SQL Server technology that just keeps doing its job.

Log Shipping has been around since SQL Server 2000. It doesn’t make headlines, it doesn’t have fancy dashboards, and it’s not going to win you any architecture awards. But for the right environment and use case, it’s rock solid and can save your bacon job in a disaster.

Read on for a briefing on the topic.

Building 9’s with PostgreSQL High Availability Features

Semab Tariq explains some of our options:

When you are running mission-critical applications, like online banking, healthcare systems, or global e-commerce platforms, every second of downtime can cost millions and damage your business reputation. That’s why many customers aim for four-nines (99.99%) or five-nines (99.999%) availability for their applications.

In this post, we will walk through what those nines really mean and, more importantly, which PostgreSQL cluster setup will get you there.

Read on to see what you can do to get to each 9, as well as some unexpected risks to keep in mind along the way. And, of course, each rung you move up the ladder will generally cost you more money and administrative effort.
