When I started this position, I inherited 25+ database servers. These servers had a few minor issues and a few significant problems with my inheritance.
All the database servers have out-of-the-box settings, no-log backups, a full backup is done every few days or more like weekly, tons of sysadmins. Active and exposed sa accounts with passwords that were crazy simple. Index optimization never ran. Integrity checks are also never done. The database server did not use SQL agent jobs, only maintenance jobs or alters watching for job failures. Some servers were close to being out of support, and one was even expired SQL 2000. Yeah, I am not kidding.
The databases were useable, and the servers worked for the most part just slow, and the maximum minutes of data loss were generally about 2880 minutes.
Where did I start? BACKUPS. I added SQL agent jobs. The jobs included log backups, diff backups, and full backups. The brought the maximum number of minutes of data lost was now at 1440. Later I adjust the jobs to get the maximum data lost to 100-200 minutes, depending on the system. Yes, the system was eating up a ton of storage space. The network storage guy has me back this off a bit until they could get more
Here is a sample of the minutes of loss over time
Finally, with a few adjustments, I got the minutes of data loss over time to look like:
I am getting the time down to back to about 200. My target is to get this time down to under 60 minutes. But first, I need to get the integrity checks all completed. Change the configuration changes done.
The databases with
The next step is to enhance security by fixing the SA password owners started to question the Sysadmins.
Now that things are getting regular and good backups. Finally, making progress, the servers that are out of support or are getting fall off extended support. When upgrading the servers, they are all set up the same with security in mind.
We are now finishing the security changes, improving the indexing (adding/removing and adjusting). They are current on patches, and we plan to update them that will take use until 2030.
Have your servers been checked? Have they been configured well? Just because they are working does not mean that you are safe and your users are not suffering.
It is time to start that path of improving, securing, and making them faster. Need help?
