The Pros and Cons of DBaaS-Database As a Service

DBaaS enables you to test drive multiple solutions and only buy the licenses and hardware you need to be successful.

Almost every business these days is data-centered. Whether the data is for internal applications and systems, or for other services that are offered, let’s face it…

Managing data is a key to success.

Before listing the pros and cons of DBaaS, we need to explore a few decisions businesses have to make.

These include numerous quick decisions about data handling that can set them on a path that, if incorrect, are difficult and costly to correct. Those decisions are:

· What database type to use, SQL or NoSQL?

· What are the data storage and query needs? Transactional? Big Data?

· What database system to use? A few SQL choices might be Oracle, MySQL, MSSQL, and Sybase. A few No-SQL choices might be MongoDB or Cassandra.

· Do we have DBA (database administrator) talent or do we have to hire?

· What kind of server or resources are needed? What are my power, server, disk, processing, network, and IO requirements?

· How do I maintain, backup, administer and otherwise own the database framework?

· What is my cost of ownership?

First let’s explore which database type to use, SQL or NoSQL.

Traditional database types classified as SQL have a significant place in businesses and are a mainstay for business choices. However, as companies start to create applications that drive decisions based on significant database analysis of large, almost unfathomable amounts of data, they migrate to NoSQL solutions like MongoDB or Cassandra.

The architecture of NoSQL makes it a good choice for big data solutions while the built in protections of a transactional based system like Oracle make it a better choice for banking or similar solutions.

When it comes to picking a specific system, businesses tend to stick with what they know. In other words, if they already have Oracle, and Oracle talent, then when management asks those individuals which database system they should use on Project X, it should be no surprise that they pick Oracle.

Matching a specific database system to a set of business requirements is an arduous task that should always be looked at with a fresh perspective. It should not just be based on what talent is already employed or what systems a business is comfortable with.

Let’s face it, if a business picks correctly, all is good. If they pick incorrectly, they have wasted a lot of resources which equates to dollars. Enter DBaaS.

Where DBaaS excels is that it gives businesses the ability to test the waters a bit, to try before they invest heavily.

DBaaS acts as a stepping stone to total ownership, a cost effective solution to help you figure out your needs prior to investing heavily.

DBaaS has both pros and cons.

First, it is necessary to distinguish between “hosting database systems” and DBaaS.

There are many cloud based solutions that “host” a database system but provide no significant help in configuration, tuning, consulting, and providing the talent needed to actually use those systems.

True DBaaS provides both the system and the talent to help you utilize the database and determine how to store, query, and analyze your data. The value of DBaaS goes way beyond the hosting.

The pros of DBaaS include:

· No equipment or software licenses.

· Flexibility. Multiple choices are available to test drive your applications and pick the right platform for your business requirements.

· Significantly less staffing requirements. The DBaaS provider handles installation, configuration, and in many cases development.

· Offsite hosting, providing protection from local power failures or disasters. Many businesses design their system with power redundancy in mind, but, in reality, rarely meet those goals.

· SLA agreements that have redundancy, uptime, and backup protections. A DBaaS provider has intent focus on protecting your data.

Meantime the cons of DBaaS include:

· Limited access to underlying servers. This can present itself as a feeling of no control.

· Very little knowledge of how your data is protected from cyber security threats. This can be dangerous for sensitive data.

So how do you decide? Is there a transition from one to the other? Yes, almost always, but by following a few guidelines to start with, DBaaS can be used properly.

Those who wish to use DBaaS should adhere to the following guidelines:

1. Do all development using DBaaS. This is your chance to test drive different architectures and features.

2. Unless you have full disclosure of how your data is protected, managed, and secured by DBaaS providers, it is suggested to consult with database architects to host sensitive data internally. Note, this is typically not big data. When we use the terms sensitive data, we mean just that. Data like SSNs, account details, financials, personal data, etc. Does this mean that you cannot use DBaaS for this? No, it means that you first have to find a DBaaS provider that will show you everything from how your encrypted data gets in their system to storage, access, etc.

3. When you are not sure of what your database needs really are, use DBaaS first. This lets you try SQL or NoSQL. This lets you explore the encryption capabilities of Oracle versus MySQL. Think of DBaaS like buying a car. You test drive sedans, trucks, and SUVs, and try different manufacturers and features. You may decide to lease or buy.

4. Always monitor and evaluate the cost of ownership. As your system grows, the operating costs might make sense to drop DBaaS and build an in-house system. By then, however, you have already decided on what you really need.

The goal with DBaaS is to test drive multiple solutions and only buy the licenses and hardware you need to be successful. You can then hire the correct talent to manage your system.

David Moye is a Principal with Forensic IT in St. Louis, MO, a firm providing big data solutions to companies nationwide. David helped found Forensic IT in 2003 and has some 25 plus years of experience as a software engineer and solution architect. Along with at least a half a dozen core programming languages, he is a certified DBA in Oracle and Sybase and has spent years working with MS-SQL and MySql.

Afterlife Bots – A Dead Man’s Petition

No, neither am I a Ted-famous Tech geek spiritual guru nor am I in contact with the afterlife. I am just fascinated by the buzzwords “Machine Learning” and “AI” and a little overwhelmed by the number of articles mentioning those words on my news feed.

I remember reading a line in a news article that “Bots are getting better at imitating humans”. Why not hire one and decrease workload by 50%. Well, I suppose we are working towards it.

Google recently announced that their AI-enabled assistant (with 6 voices) can book a hair-cut appointment seamlessly (Well I want a shave as well, and I want it to go and do grocery shopping handpicking the freshest tomatoes from the lot).

Jokes apart: kudos to the team of brilliant scientists, engineers, and others who are working day and night to make this happen.

Coming back to my original story.

Let’s start with Human life (and relationships) – Data Gathering

“Quite a digital world”. We are capturing and storing our personal life events as much as we can digitally (Thanks to social media, external hard disks, and pen-drives). Why not store our entire life in a 1000 Petabyte storage device. Capture every second – actions, events, habits, decisions, etc. Imagine if we can see and experience our parents’ childhood or see “What all Mahatma Gandhi did in his entire life”. Interesting right?

We all know how quickly robotics, machine learning, and AI are evolving.

What if we combine robotics, machine learning, and human life data? Can we create a human replica bot which would respond similarly, make decisions similarly, have similar habits basis the 1000 Petabyte data fed. All in all, can that bot be my replacement after my death?. Can it be my AFTER-LIFE BOT?

Literally, nothing can replace a dead human being. I was not fortunate to see my grandfather or meet him. But will my great grand/grandkids know about me? The answer is I do not know. We all are striving hard to leave a legacy behind us. Why not use robots and machine intelligence to duplicate ourselves. We do have ample amount of data to feed ~79 years (average age of human being) or ~2 Billion moments. Don’t you want your great grandkids to remember you after you are gone?

With a simple Google search, I got a news article mentioning “Mind Clone” – the idea of uploading the memories, thoughts, and feelings of a person into a computer. It mentions that the companies such as eterni.me, Gordon Bell’s MyLifeBits, and Terasem’s Lifenaut are all pursuing Mind Clone to help a person’s personality, work and relationships survive after death.

Should You Use Two-Factor Authentication

What exactly is two-factor authentication and what started it? Two-Factor Authentication happens when you are required to use two types of identification to log into a web site or open your email. It was started because people were using weak passwords or no passwords at all.

Normally the first factor is a password. As a reminder, your passwords should use numbers, capital and small letters and symbols. They should not be any sort of dictionary word and be at least 12 characters long, the longer the better. You should never reuse a password. If used correctly, you will need a password manager to remember them all. Getting one it is well worth it.

The second factor can vary widely from fingerprint or facial recognition to the web site sending you a numeric code via text or email that you must enter into their web site as part of the log in process. Google, Microsoft and others are working on other methods of authentication that will be secure and make it easier for the end user.

The best type of security is the one that people will use. Two-Factor Authentication takes a little longer to log into a web site, it will add 15-30 seconds. That time would be time well spent to protect your security. Web sites; especially banks, financial and health care sites, want to be sure that when a user logs in it is in fact the correct person. This is very difficult to do with just a password. Think about all the passwords stolen last year due to hackers.

This is where your phone is used to confirm your identity. Say you log into your bank’s web site. If you use your phone for that login, your fingerprint or facial recognition can be used to ID you. If you use a desktop computer, they will usually send a numeric code to your phone that you use during the login process. In either case you gave the bank your mobile phone number, so they have at least some assurance that it is you. You also enter your password that matches what the bank has on file. This is how Two-Factor Authentication works, two types of identification.

As I stated earlier, web sites and companies are working to make this login process easier and more secure. This is a hard job as easier and more secure don’t always work together.

George Uliano is a security professional with years of law enforcement and security experience. He earned a Bachelors Degree in Criminal Justice and Business graduating with honors. George holds three U.S. patents on different locking principles. This combination gives George and His Company Locking Systems International Inc the unique ability to provide its customers with the correct security at an affordable price.