Data under lock and key

Database management vendors aim to assist compliance

The year in databases saw its share of technology advances. The rise of commodity 64-bit hardware, native XML storage in relational databases, configuration wizards, auto-tuning … all these developments are making databases more powerful, flexible, and easy to manage. Perhaps the biggest trend, however, in terms of what will drive the direction of databases and related products in 2005, is to demonstrate compliance with the likes of HIPAA, Sarbanes-Oxley, and other regulations.

Database activity auditing is a standard component of internal and external audits, and we’re already seeing products designed to make these exams easier. Lumigent stepped up to the plate in 2004 with a new version of Entegra that tracks all database activity, including changes to stored procedures, database schema, and access permissions.  

Promising the ultimate safeguard for sensitive data, data-level encryption products are also big right now. Raising the bar for third-party vendors (as always), Microsoft is incorporating cell- and column-level encryption into SQL Server 2005. Meanwhile, solutions such as Application Security’s DbEncrypt make it very easy to encrypt column- or table-level data. DbEncrypt only works for SQL Server and Oracle databases, however. Ingrian’s DataSecure appliance takes a broader sweep, encrypting data in applications, databases, and storage systems all over the network. Whether you want easy global management or minimal network overhead, there’s an approach that’s right for you.

Among the database vendors themselves, the race is on to produce the most automated RDBMS. IBM’s DB2 8.2 broke new ground in multiquery optimization and introduced other important self-tuning capabilities. The stated goal, self-healing, is in sight, but today, admins must script the fixes. Nevertheless, the health monitoring capabilities are there, and IBM is clearly positioned to be the leader in this emerging area of database technology.

If DB2 8.2 was groundbreaking, the Oracle Database 10g release was earthshaking. In addition to the new “grid management” capabilities, which allow admins to  reallocate cluster resources dynami-cally among business processes, 10g introduced a number of automated administrative features -- including memory, storage, and configuration management -- that make it much easier for DBAs to stay on top of large, complex environments.

Formerly the palace of the rich, 64-bit computing has finally broken through, thanks to AMD’s Opteron and Intel’s EM64T. More midsize businesses are starting to invest in this technology, and it will very soon become the standard by which we measure third-party applications. Oracle and DB2 were among the first applications to run on 64-bit Linux, and they’ll be among the first to climb on 64-bit Windows when it arrives in Q1 2005.

Open source databases created some buzz this year, with MySQL finally adding stored procedures and Ingres being offered by Computer Associates under an open source license. Not only are these databases gaining popularity, but they are finally being legitimized by vendors who are writing applications for them. In 2005, expect to see not only applications that use these databases but also third-party tools for monitoring and administering them.

As open source databases become more functional and manageable, shops will begin jumping off Oracle, DB2, SQL Server, and Sybase. This likelihood is already forcing Oracle to reduce its prices, and it will force the big four commercial players to increase functionality to justify their costs.

Finally, expect to see a big push for process-modeling tools, as compliance controls come forward this year. Ensuring the integrity of information in the database will only get harder, as products such as IBM’s DB2 Information Integrator make it easier to query and load data from many different sources. Auditors will want to know where this data is coming from, whether you can track it, and whether you know how to troubleshoot integrity problems. The cat is out of the bag.