Author: Josh Achtemeier

Ensuring SQL Server uptime is a whole different animal when your information technology systems are life-critical. There may be nobody that understands this weight more than the brave IT teams among us working within the healthcare industry. Whether it is patient monitoring devices, imaging tools or other interconnected medical technologies, the stakes are frighteningly high for these IT pros. 

A well-documented and practiced disaster recovery approach is a step in the right direction, and a keen focus on high availability (HA) to monitor and take automatic action against single points of failure is even better. However, for the imperative 24 x 7 uptime needs of hospitals and emergency medical services, additional considerations are needed. It’s not enough to push unplanned downtime as close to zero as possible. Healthcare IT teams need to be leveraging technology that simplifies management and minimizes planned downtime. One emerging technology is smart high availability. 

 

SQL Server High Availability for Healthcare Needs to be “Smart” 

Smart high availability solutions have a lot of added benefits from traditional HA that can help healthcare organizations minimize downtime, bolster security, and even save on costs. Additionally, just like any other business, healthcare organizations rely on customer experience and overall satisfaction to stay competitive in a crowded market. So, smart high availability also integrates functionality to help running applications remain perpetually performant for the best user experience.  

 

Zero Trust Network Access 

Smart high availability is the convergence of high availability clustering and software-defined perimeter (SDP) technologies. It integrates Zero Trust Network Access (ZTNA) connections so that you can build out secure SQL Server clusters that span from anywhere, to anywhere, without VPNs or direct links. 

Healthcare teams are responsible for keeping their organizations HIPPA compliant while maintaining a massive volume of sensitive client data. So, ZTNA connections make smart high availability a top-notch upgrade for your environment’s security, and help prevent downtime-inducing cyberattacks. Additionally, this secure tunneling technology enables an easy way for clients to build out clusters across multiple subnets, availability zones and regions for disaster recovery purposes.  

 

Guaranteed Performance with Best Execution Venue 

Smart high availability isn’t just a technology to keep your workloads up and running in your SQL Server environment. It can also be described as an optimization tool to keep your workloads performing, helping your organization gain the greatest competitive advantage. If performance levels drop below their SLA thresholds, they can be intelligently and automatically rehosted at the current best execution venue within your environment. All it takes is the time of an application stop-restart 

 

Unified Management Pane 

Smart high availability solutions are designed for today’s heterogenous SQL Server environments. Whether your organization has Windows AND Linux environments under management, a range of different SQL Server versions and OSes or mixed and matched infrastructure, smart HA can consolidate your management to a single pane of glass. For healthcare, this means significant savings on maintenance man-hours in your SQL Server environment—resources that can instead be allotted to innovative, business-enhancing tasks to help keep your healthcare organization competitive in a saturated market. 

 

Container-Ready Functionality 

One of the biggest keys of smart high availability in the age of digital transformation is its ability to comprehensively integrate with containers. A global shift to containers is well underway, and of the 669 respondents to this international survey by Statista, 49% plan to have containers playing a strategic role in their organization within the next 12 months. 

Container technology is being adopted by healthcare organizations to achieve gains in operational agility and reduce infrastructure-dependence. In healthcare, long-term data retention is a critical function for providing the highest level of service to customers, and containerization helps embrace an as-needed model with the cloud to save on overall costs. 

In the scope of containers, DH2i’s smart high availability clustering technology enables one significant capability that no other technology in the industry can do: Zero downtime fully automatic failover for SQL Server containers in Availability Groups. As healthcare organizations adopt technology like stateful containers more prevalently in their production environments, high availability becomes another layer of complexity that needs to be navigated. DxEnterprise smart high availability clustering software provides the answer to integrate container HA right into your single, unified management interface. 

 

Patch/Update with Near-Zero-Downtime 

Smart high availability technology allows you to rehost applications and containers with a simple stop-restart. This allows you to patch non-active nodes on your own schedule, and then rehost the instance to the updated node. This means nearest-to-zero planned downtime, and a better quality of life for your IT team with modernization now possible during the regular workday. 

 

There’s a reason the most innovative healthcare organizations in the world are embracing a “smart” approach to high availability. Investing in this technology now pays huge dividends over time and brings critical benefits like: 

• ZTNA connections from anywhere to anywhere 
• Intelligent monitoring to ensure performant client experience 
• Unified management for ALL SQL Server under management and containers 
• Nearest-to-zero unplanned AND planned downtime 

If you’re interested in learning more about DH2i’s approach to smart high availability technology, get signed up for a one-on-one demo today. 

The year is 2022.

• You’re 100% confident in your organization’s disaster recovery (DR) plan
• You can’t for the life of you figure out how to spend all the extra money in your DR budget
• It feels so lovely to have such an acute awareness of every possible threat that could lead to unplanned downtime at your organization

And maybe, just maybe, you happen to catch a glimpse of Bigfoot riding a unicorn through the lost city of Atlantis…

Let’s get real. The perfect disaster recovery architecture can feel somewhat mythical, and for many organizations, utterly unattainable. Unless companies are forced to react in the wake of a catastrophic downtime event, it can be difficult to convince the upper tiers of the decision-making hierarchy just how many financial and man-hour resources need to be allotted for DR planning and implementation.

Prohibitive budgets aren’t the only grievances facing the industry though. The associated management complexity of traditional DR solutions can be headache-inducing at best. In 2022, almost no one has a perfectly like-for-like, homogenous IT environment, and that means teams are being forced to leverage disparate DR solutions—all with their own managerial nuances and restrictions—to protect their critical data assets.

DH2i has been in the DR game with our smart high availability (HA) clustering solution, DxEnterprise, for well over a decade. We’ve interacted with a diverse range of international IT teams from a variety of industries like banking, healthcare, legal, etc. We’ve seen organizations that are just getting started with baseline DR strategies, massive enterprises that are hyper-prepared, and everything else under the sun. These are a few of the components that we think the best DR strategies contain.

Understanding and Communication Among Stakeholders

Disaster recovery needs for any given organization can vary drastically, and it’s an unfortunate reality that not every organization can afford the best technology available to protect their IT installation. Your budget allocation doesn’t have to be a shot in the dark though. It should be a function of how detrimental downtime events can be to your organization. The best way to start is to gain an understanding of these questions:

• What does a downtime event cost your organization? We’re talking both financial impact on your organization from lost revenue, and the usability impact on end users (e.g. In healthcare or emergency services these impacts could be life-critical).
• What is the worst possible impact that you’re willing to accept from a catastrophic downtime event? Obviously, this is a completely terrifying question to ask, but if your organization doesn’t have bottomless moneybag pockets, this discussion is critical. It helps determine the technology necessary to provide your organization the level of disaster-readiness that all stakeholders agree is absolutely imperative.

Once these questions are thoroughly researched and discussed, aligning expectations throughout all levels of the business hierarchy is critical. Getting stakeholders on the same page about your business’ unique disaster readiness needs helps with creating a more streamlined (it’s never easy though) process to solution identification and budget allotment. As Gartner puts it, it’s essential to, “Ensure that DR planning is done in alignment with business continuity management (not in an IT-only vacuum).”

Documentation and Role Assignment

The name of the game in a real-life disaster recovery situation is to have a meticulously detailed plan and well-thought-out designation of roles. The initial response to the outage is not the point at which you synthesize the recovery plan. Ideally, your response should be composed of explicitly planned recovery procedures including step-by-step instructions/commands that anyone on the IT team can execute to get your environment back up and running.

The most important clarification to make here is how you go about framing these disaster response protocols. Create plans based on loss categories in your environment, not based on the downtime-causing events. In other words, what assets could be lost/compromised at your organization (sites, applications, 3rd-party services, etc.)? You want your DR plan to be constructed at this level, because while your organization hopefully has a good understanding of what assets/systems you have to lose, the world is a terrifying oyster of chaos that could catalyze an outage in a variety of ways that surpass imagination. If you construct your DR response plan based on loss categories, you don’t have to worry about future events falling into a preconceived framework of downtime-triggering events.

Automation-Ready Technology and Ease of Management

It’s obvious where this recommendation is going. A thorough, easily-executable process is a good start for disaster recovery, but the best DR strategies lean heavily into “smart” automation. You want your systems to be able to react immediately to threat/outage detection and start automatically facilitating your DR processes.

Lastly, the best DR management strategies minimize concurrent recovery solutions and unify your environment for the simplest user experience. For example, you are not doing your IT team any favors by having to manage separate SQL Server Availability Groups on Windows and Linux.

Solutions like our DxEnterprise smart HA clustering software do just that. Not only can this solution be easily extended to provided multi-subnet disaster recovery with smart automation, but it also enables you to use a single pane of glass to manage your entire SQL Server environment—mixed platforms, mixed versions/editions, mixed distributions, all of it.

 

DH2i has a software solution that checks all the boxes for a state-of-the-art disaster recovery framework, and the best part is it can be easily layered over any mix of infrastructure.

Sign up for a free demo and we’ll show you how easy DR management can be.

Long gone are the good ol’ days of IT security—the days when you were a savvy individual as long as you weren’t using “password” as your password. The world is just a tad more complicated now, and unfortunately the nature of cybersecurity threats has evolved just as quickly as the technology itself. Obviously, cybersecurity awareness continues to be critical, but organizations have a growing responsibility to utilize the tools and innovative approaches available to them to create the most secure IT environment.

Here in the United States, it’s that time of year when millions of students are starting anew, or returning back to their colleges and universities to begin another academic year. Sustaining this massive influx of user activity means having your IT infrastructure as dialed-in as possible by the time the end of summer rolls around. This makes August an especially stressful time in this industry.

The lingering and permanent effects of a global pandemic have not done education-based IT professionals any favors either. Fully-remote and hybrid learning models that colleges and universities were pushed to in order to survive the pandemic have culminated in a higher volume of network vulnerabilities than ever before. Resultantly, higher-education institutions have become some of the most prevalently targeted organizations by cyber attacks in recent years. Attackers seek financial gain, intellectual property, and personal information.

This Dashlane Blog touches on several such horror stories from just the last couple years. We’re talking catastrophic effects like a college that has been around since the 19^th century being shut down completely—due in large part to an unrecoverable ransomware attack. Another university ended up being forced to do exactly what the FBI advocates against, and pay $1.14 million to appease its attackers in order to recover critical academic data.

What are the most common types of cyber attacks on the education industry?

Phishing Attacks

• Hacker pretends to be a reputable organization (e.g. College or university)
• Users are asked through an email or other source to verify their personal details/login credentials
• Victims may be linked to a fake (but undistinguishable from the real page) landing page to dupe them into entering sensitive information

 

Ransomware/Malware Attacks

• Often gain access to system through initial phishing campaign
• Brute force bot-driven attacks can be leveraged as well to guess credentials
• Hackers take control of internal systems and applications to make them inoperable
• Demand ransom payments in return for control back of your IT environment/data

What are some tools and best-practices that organizations can leverage to lower the risk of a security breach?

It goes without saying, cybersecurity awareness education is critical when dealing with a user-base of college-aged young adults (and anyone else), but there are some additional tools and best practices that IT teams can utilize to help set users up for success and cultivate a safety-conscious cyber culture.

Mandated Password Changes – Proactively prompt network users for mandatory password updates quarterly, or at whatever cadence your organization sees fit. Any effort to reduce the stagnation of login credentials can contribute to security.

Keep Software Up-to-Date – It’s important to not only download software only from trusted sources, but also to keep it up-to-date. This doesn’t just include antivirus software either. Operating system and browser updates can make UI changes and bug fixes, but they also positively benefit your device from a security standpoint.

Back Up Data – Regular data backups can help immensely with the recovery process if your system does get compromised by an attack, because oftentimes the best recovery solution ends up being an environment-wide shut down/uninstall.

Centralized Password Manager – There are many password manager applications available that keep track of all your personal logins and allow you to autofill into trusted websites. Letting apps like this do the memorization work for you means you can max out the character count and complexity of your passwords for optimal security. One example of an implementation in an education environment is the University of California, Berkeley offering a free LastPass Premium account to all faculty, staff, and students.

2-factor Authentication (2FA) – 2-factor authentication involves needing both your login credentials, and perhaps a device or additional set of login credentials that belong to you to gain access to an account. For example, applications like Duo can enable an authentication method in which users must enter account login credentials, as well as a unique, constantly-changing pin number sent to their cell phone in real time.

Domain Name Monitoring – A successful email phishing campaign often relies on a legitimate sounding URL to fool security-conscious users into believing a landing page is genuine. Tools like PhishLabs allow organizations to be alerted about new domain registrations that could potentially pose a security threat to their team or customers.

What is the best thing you can do to bolster cyber security in 2022?

As we’ve attested to, there are plenty of educational resources surrounding the topic of cybersecurity, and a constantly growing array of useful tools too. However, in 2022 there is nothing more valuable you can do than making the commitment to a Zero Trust approach to IT security. This means, “Eliminating implicit trust and continuously validating every stage of a digital interaction,” as Palo Alto Networks eloquently puts it. You create an IT environment that doesn’t trust any user whether they are inside or outside the network.

This is a broad departure from the methodology of more traditional solutions that don’t have any measures in place to prevent the lateral spread of an attack once it gains initial network access. For example, generally thought of as a secure solution, virtual private networks (VPN) possess vulnerabilities that are simply not compatible with the hybrid and multi-cloud direction of the world. VPNs are a single access point with a massive lateral attack surface—unlocking the full swath of a network for attackers who need only make it through the door. A true Zero Trust architecture can only be enabled by utilizing newer technologies like software defined perimeter (SDP) and secure tunneling.

But what about our lacking IT security budget?

It’s true, any large-scale technology adoption such as software defined perimeter is going to have an associated price tag. I would unequivocally wager it’s a much more sustainable investment than ransoms though. The benefits are far-reaching and can appeal to all levels of the IT decision-making hierarchy. Benefits include:

• Isolated network access at the application level that eliminates lateral attack surface
• No need for expensive, maintenance-intensive physical networking appliances
• No ACLs or firewall configuration headaches
• Overall reduction in lifecycle management man-hours and physical overhead
• For cloud deployments, removal of costly hourly VPN connection fees

Once your organization makes the commitment to SDP and weathers the initial expense, it is a truly silver bullet-esque path to greater security, simpler management, lower costs, and reduced physical overhead. In 2022, it’s worth being proactive, not reactive to cyber attacks.