Back in November of last year, Microsoft announced SQL Server 2016 SP1. This release contained a very significant item dubbed “Feature Parity” across editions. If you’re not an SQL DBA, then you can be forgiven for not having heard about this or appreciating its significance. This announcement is huge as several features previously exclusive to Enterprise edition are now available in Standard, Web, and Express.
There are many articles out there explaining this release and detailing the features that have now been made available in Standard, Web and Express, like Always Encrypted, Dynamic Data Masking and Row-Level Security. Without going into that level of detail, I have highlighted these three features as examples of not only the new parity between the editions, but how data security should be at the forefront of everything we do and not restricted to organizations who can always afford Enterprise edition irrespective of the size or resource requirements of each implementation.
What is Movere telling us?
Let’s take a closer look at the first ~500k Windows Servers inventoried by Movere since the release of SQL Server 2016 SP1. We have excluded SQL Server Express and focused on SQL Server Standard and Enterprise.
SQL Server deployments by Version and Edition:
|SQL 2008 R2||39.20%||14.58%||24.62%|
59% of all SQL Server Standard and Enterprise installations identified by Movere in the past 6 months are 2008 R2 or prior. To put things in perspective, SQL Server 2000 was released in November of 2000, while SQL Server 2008 R2 was released in April of 2010. More than half of SQL Servers recently inventoried by Movere are between 7 and 17 years old.
Movere is a SaaS solution in the cloud, what would you know?
Let’s speak first hand to our use of SQL in Movere. Movere is architected into multiple server stacks with the top of each stack being the visualization layer that presents the results through an associative dimension interface. This requires a significant amount of computing resources, which until Movere is fully containerized on Docker (this fall), limits the number of customers we can service on each stack (usually between 50-100 customers per stack). This limit is not SQL driven since each Movere stack can run comfortably on a single SQL Server Standard instance. However, it does force a cost decision. SQL Server Standard easily satisfies our performance needs, but, unless we utilize SQL Server Enterprise, we’d need to forgo key security features. Until now.
We are not unique here. Reasons we can no longer use to explain why we aren’t upgrading our SQL Server footprint include:
- Having to accept lower levels of security to fit a budget or cut costs
- Being unable to access features that would have a huge impact on small businesses like data compression to drive down storage and memory needs
- Delaying cloud adoption based on a SQL Server host level licensing strategy mapped out years ago that has not yet achieved its required Return on Investment
What are we doing?
We are educating our partners and customers on why this is such a big deal. SQL Server implementations built on prior versions of SQL Server Enterprise, which are leveraging feature(s) previously exclusive to Enterprise, but due to the small size of the application, small user base, lack of Software Assurance, or the fact that SQL Server Standard, Web, or Express could provide the required performance at a lower level of security, can now be upgraded to SQL 2016 and move us further along our cyber security roadmap.