Re: Consolidated Database Risks and Mitigating Controls

[Chris Green <cmgreen () UAB EDU>]

I believe that consolidation requires a higher level of maturity to get right.  Capacity planning is first and foremost 
for situations like "what happens when 2 of the 3 apps want all the capacity, are all my customers unhappy?"  It takes  
a very knowledgeable customer to push back correctly on vendors as well used to being the only game in town.    Usually 
the side experiencing issues is very hard to instrument to show that the problem is (or isn't!) the database.

On Oct 6, 2009, at 2:19 PM, Delacruz, Jay J. wrote:

Educause Team,
Anybody want to share their experience with consolidated databases? In particular; risks of that specific architecture 
and what mitigating controls were used. What risks apply to data loss, disaster recovery, business continuity planning 
etc..?

“Putting all your critical assets in one basket.”  Great idea or is it an unnecessary risk?

Thanks ahead for any input… :)

Jay Delacruz, CISSP
Information Systems Security Department
Wake Forest University
Winston-Salem NC 27109
delacrj () wfu edu<mailto:delacrj () wfu edu>
336-782-0116
<image001.gif>