An Enterprise-Class Plan for Securing Microsoft SQL Server Databases


If you are running Microsoft SQL Server databases to support critical enterprise applications, you are part of a growing trend. The cost/performance benefits of Microsoft SQL Server on the Microsoft Windows NT and Windows 2000 platforms have fueled the growth of SQL Server as a platform for enterprise-class applications.

However, an easy-to-use and cost-effective platform does not ultimately alleviate the problems that come with administering production databases. As databases grow in size and the number of databases in production systems increases, protecting those databases adequately and efficiently becomes a significant challenge.

The native backup utilities distributed with Microsoft SQL Server are adequate for development systems or small production databases. If you are not running large databases in production, that might be all you need. But once you start using SQL Server databases in heavily used production environments with high volumes of data and transactions, the task of managing and maintaining those databases suddenly becomes more complex.

Consider the range of problems that a DBA handling several large production databases might need to handle:

Clearly, you need a better plan for securing database data – one that accounts for the DBA's expertise and procedures as well as the data itself. This paper describes the requirements of such a plan. It also describes how the SQL-BackTrackfor Microsoft SQL Server product from BMC Software helps you implement a comprehensive plan, securing your vital data against any number of potential problems.

Taking Steps Now to Secure Your Data

If you are running Microsoft SQL Server in a production environment, run through the following steps to be sure that your databases are adequately protected.

Step 1: Back Up Everything

This seems obvious, but it is easy to lose sight of everything to back up.

Step 2: Simplify as Much as Possible

Support your DBAs by simplifying and automating regular backup procedures as much as possible. Because people inevitably make mistakes, the less you rely on any one individual's record-keeping and detail, the more secure your data.

A comprehensive backup solution has the following characteristics:

The use of a graphical interface provides easy cross-training for DBAs, helping you manage growing numbers of servers with existing staff.

Step 3: Centralize the Backup Administration

One way to work more efficiently is to centralize database administration as much as possible. A good backup and recovery solution allows you to manage and track backups and recoveries for multiple servers from a single location.

Step 4: Perform Fast Backups

As databases grow in size, backup performance becomes critical. A good backup and recovery solution should improve backup performance by:

Step 5: Simplify Recoveries

Recoveries tend to happen during times of crisis. Therefore, recovery procedures need to be as simple as possible. A good recovery solution:

Step 6: Shorten Recovery Time

Any downtime is too long. A good backup and recovery solution needs to speed recovery. Look for:

Step 7: Test Recovery Procedures

It is not enough to have a good plan in place; you need to make sure it works. A good solution provides dry-run recovery operations, so you can be sure that your backup media is readable and you have what is needed for a recovery at any point.

Step 8: Test the Master Recovery Procedure

Recovering from a problem with the master database requires a good understanding of the current master database configuration. Too often, this is information that DBAs do not track carefully.

A comprehensive backup and recovery solution should:

Evaluating Your Coverage

Most backup and recovery solutions cannot meet all of these requirements. Microsoft's native utilities, while useful, do not go far enough. Solutions from storage management vendors manage some of the requirements but do not extend the native capabilities except in device support and management. None of them, for example, provide a robust logical backup and recovery solution for complete coverage.

SQL-BackTrack for Microsoft SQL Server does meet these requirements and more, enabling you to create truly reliable, manageable backup and recovery procedures.

SQL-BackTrack for Microsoft SQL Server: Comprehensive, Expert Backup and Recovery

SQL-BackTrack for Microsoft SQL Server provides comprehensive backup and recovery support for large, production SQL Server databases.

As part of the extensive SQL-BackTrack family of database-specific backup and recovery products, the SQL-BackTrack product provides unique functionality and database expertise. It extends the backup and recovery capabilities of Microsoft SQL Server for a truly enterprise-class solution.

SQL-BackTrack provides SQL Server DBAs with:

The following sections describe these extensions in more detail.

Extending Backup Functionality and Flexibility

Functionality and flexibility features:

SQL-BackTrack for Microsoft SQL Server provides a number of unique capabilities, unavailable without the use of this product. Many of these are implemented through the product's unique logical backup and recovery capabilities.

A logical backup is much more than a bcp of table data; it extracts the content and structure of database objects, including their interdependencies. You can use logical backups to migrate data between different database servers. This provides unparalleled safety and security in an environment with multiple database servers in-house.

Logical backup and recovery operations provide a number of new capabilities for the DBA:

Improving Backup and Recovery Performance

Performance features:

Backup performance is always important. Recovery performance is critical. SQL-BackTrack uses Microsoft SQL Server's native capabilities as a basis for its backups and recoveries but adds a number of features to improve overall performance:

Improving Manageability and Security

Manageability features:

Part of ensuring the safety of the database lies in simplifying and automating the administrative processes as much as possible. For ultimate security, the safety of the database should not depend on any one individual's expertise. Database administration should fit into an overall enterprise management structure.

SQL-BackTrack does much to secure the database by securing the backup and recovery processes.


If you are using Microsoft SQL Server to host critical production applications, you need to be sure you have implemented a robust, production backup and recovery environment for those servers. SQL-Backtrack for Microsoft SQL Server helps you do just that, providing the performance, manageability and flexibility to provide enterprise-class coverage for your critical systems.