|
|
|
Features
< Back
Sarbanes Oxley : Technology : Database
Improve DBA Efficiency to Ensure Compliance
By
Rob Gardos
|
|
Rob Gardos
CEO
GridApp Systems
|
For the past few years, database administrators (DBAs) have had a common concern: they are being asked to understand and implement more and more of their organization's regulatory requirements. The most obvious driver for this is Sarbanes-Oxley and it can add a significant amount of additional responsibility on the DBA as auditors and security teams seek to implement regulations at the data level. As the workload for DBAs increases, so does the demand. The U.S. Department of Labor and Statistics recently reported that employment of DBAs is expected to outpace growth of all other occupations through 2016. With the burden of compliance falling on the DBA and the demand for skilled DBAs increasing, how can you prepare your organization? How will you leverage your existing team and still meet compliance standards?
The DBA Shortage and Compliance
How did the DBA become responsible for compliance? A great deal of it has to do with the unique complexities, challenges and requirements of the database space. Security engineers may understand network security and server security, but it's unlikely they'll understand the specifics of GRANT privileges in a database or how database auditing can or can't catch certain types of information. Because of this, it becomes the DBA's responsibility to understand the standards and requirements and to implement them.
The challenge there, of course, is that very few DBAs would describe themselves as security specialists. In fact, a Forrester study identified that 72 percent of DBAs interviewed said they felt as though they didn't know how to implement database security. Finding and keeping the DBAs who understand compliance, will be increasingly important for IT managers.
Industry experts have been warning of this looming shortage of skills in the data center for some time now, but how can you protect your organization from such a loss? By implementing data center and database automation technologies, like GridApp Clarity, high level IT experts, including DBAs, can focus on compliance and allow junior staff to perform tasks traditionally executed by more skilled workers.
According to the leading analysts, DBAs spend the vast majority of their time performing mundane tasks that focus on keeping the ship afloat. The good ones may leverage the mighty power of the script to improve efficiency, but this is often done on an ad hoc basis. More frequently, the DBA has been reduced to following run books and escalating to support when all else fails. When you consider that these are your “data” people and the importance of understanding your data can mean a company’s success or failure, it is surprising that little has been done to change this situation, particularly when the amount of data under management and the standards by which that data is managed are exponentially increasing. Companies have no choice but to alter the way they manage information. There has to be a better a way – the answer is automation.
Implementing Database Automation
While automation has spread widely across the data center, few DBAs have applied these principles to the database. Companies need to apply a centralized, automated mechanism to manage their databases. With automation tools, senior DBAs are free to stop “pushing buttons.” They can give the repetitive tasks to less skilled workers and focus more on strategy and revenue-generating practices. Meanwhile, mid-level workers can take on roles that were traditionally reserved for the IT industry experts. And, since automation eliminates manual, human-error, business leaders can be assured that jobs are performed to their satisfaction.
Once the power of automation is realized, the implementation begins. The first step toward implementing a complete automation solution is creating an extensible and maintainable framework. This framework must be able to handle several system requirements. However, it is quite challenging to create a framework that is adaptable enough to manage complex databases and is easy to use. Interacting with a complex application, such as Oracle DBMS and Microsoft SQL Server, requires running several commands, each with unique arguments and each in a unique way to determine if the task was successful or not. Organizations also have customizations beyond the scope of managing the actual database application that must be integrated into the automation framework. These requirements can exceed the complexity of the core database automation. In many cases, preexisting work can be leveraged with automation to meet these requirements.
Next Steps for Ensuring Compliance
Implementing an automation process for your DBAs to manage is a win-win situation for business decision makers. It allows the highly skilled DBAs to focus on strategy and compliance, while the less skilled employees maintain best practices. If companies are able to adopt an automation strategy into the mix, they will be able to leverage the skills of their existing staff, without having to hire additional employees. Given that the U.S. Department of Labor and Statistics has predicted that employment of DBAs is expected to grow “much faster than average,” clearly demand for this type of skilled worker is very high and qualified candidates will demand highly-competitive salary and benefit packages. With automation, you can trust that your staff will be prepared, efficient, and will not sacrifice compliance.
Rob Gardos
CEO
GridApp Systems
Robert Gardos is the President and founder of GridApp Systems. Over the past twelve years, Mr. Gardos has held numerous senior management positions in technology driven organizations. He has a wealth of experience developing efficient and cost effective technology solutions to meet the demands of customers.
Mr. Gardos was formerly the Chief Technology Officer and General Manager of Register.com (RCOM), an Internet organization specializing in domain name registration. Mr. Gardos joined RCOM as the ninth employee in June 1998 and helped grow the company to a publicly traded and profitable entity, increasing annual revenues from $1 million to $125 million. At RCOM, Mr. Gardos pioneered a new standard in the domain industry, shifting name management to the customer through an easy to use Web–based application. This served to improve consumer satisfaction and reduce maintenance costs, an approach that was subsequently adopted by the entire industry.
Robert Gardos was co-founder and CFO of TouchLink Communications (TLC), a startup company specializing in public Internet kiosks. Prior to that Mr. Gardos worked as a Senior Consultant at Ernst & Young, focusing on system selection and implementation projects.
Mr. Gardos graduated from the Wharton School of Business at the University of Pennsylvania in December 1993 with a Bachelor of Science in Economics and concentration in Finance.
|
|
|
|
|
