Should DBAs Be the Protectors of Data?

Originally published in the Database Weekly newsletter.

I used to work at a large organization ($8 billion in revenues) as a SQL Server DBA. My immediate manager, who was a DB2 mainframe DBA, had worked for the organization for over 20 years, and he became a great mentor whom I grew to respect over the many years I worked with him.

While I learned a lot from him, one thing in particular that he taught me that has really stuck in my mind is that a DBA should be the “protector of the organization’s data”. By this, he meant that one of the most important roles a DBA should take on in an organization is to actively seek out the organization’s mission critical data, wherever it was located, and take on the responsibility of managing it.

For example, if he heard about a user who was using an Excel spreadsheet or an Access database to store mission critical data, he would then contact the right people in the organization to ensure that this mission critical data was moved and properly stored in a database, so that it could be protected with proper security and backups. He didn’t do this because he wanted “power”, but because he really cared about the organization. As you might imagine, he ruffled a few feathers when he did this, but I really admired his devotion to the organization and the protection of its data.

So what do you think? Should DBAs take on the responsibility of actively seeking out an organization’s mission critical data in order to protect it, or should they leave that responsibility to someone else in the organization, such as the IT Director or the CEO? In other words, whose job it is to protect the organization’s data, and where does the DBA’s responsibilities begin and end?

3 thoughts on “Should DBAs Be the Protectors of Data?

  1. One of my many titles at my current job is Content Manager. I am responsible for ensureing data integrity in our environment, via a number of ways
    – working with App Dev team to ensure applications handle data properly
    – enforcing constraints in the database where possible
    – auditing data as part of regular maintenance.
    – working with InfoSec / infrastructure team to “manage” data elsewhere in our business that we can’t directly control.

    When problems arise as part of the audit, it’s my job to determine where / how the invalid data came in and work with the appropriate teams (developers, users, clients) to ensure it doesn’t happen again, or build systems to handle it.

  2. Pingback: Tweets that mention Should DBAs Be the Protectors of Data? | SQL Aloha --

  3. I’d guess it depends on how much power you have to enforce the rules. At my company I’m the only DBA and if I lose the mission critical data, I’ll be looking for a new job. So when I started the DBA job I found out what was most important to my boss (VP of IT) and ensured it is safe. We are a smaller company so it is easier for me to have that control. Not sure that would be the case at a large company.

Comments are closed.