The state of SQL Server health.
Across 20,000+ SQL Server assessments and live monitoring of 677 production servers, the picture is consistent: estates run at a fraction of their capacity, pay for licensing they never use, and miss the same five basics. Here is what the data shows, and what it costs.
Where the average estate actually sits.
Across 677 production SQL Servers run by 84 organisations — live, anonymised monitoring data, not a survey — the average server runs at 3.0% CPU. Four out of five sit under 5% (540 of 677). Only four servers in 677 ever push past 50%.
The translation: most SQL Server estates are paying for roughly four times the licensing they actually use. Not 25% headroom — four times. The boxes are idle, the cores are licensed, and nobody has looked. In that same dataset, right-sizing alone would cut the modelled SQL Server licence bill from $16.2M to $4.4M, a 73% reduction — before a single server is consolidated onto another.
Five gaps, on almost every estate.
Different industries, different sizes, the same five things. We've written the long version up in full here; this is the shape of it.
Backups taken, never restore-tested
The single most common critical gap. The job runs green every night and proves nothing — the only test that counts is a restore, and almost nobody runs one. A backup nobody has restored is a folder, not a safety net.
Paying for licensing nobody uses
Over-provisioning is money lit on fire every month. Most estates run Enterprise on workloads that never touch an Enterprise feature, plus idle dev, test and decommissioned boxes still drawing licences. Invisible until someone looks.
Access nobody has counted
sysadmin sprawl, an exposed sa account, logins from people who left years ago that still work. The first thing an auditor flags and the first door an attacker tries. The estate runs fine with the doors open — right up until it does not.
Patches missing, or versions past support
Unsupported SQL Server still in production, carrying known, fixable vulnerabilities that will never be patched because the version stopped getting fixes. It runs perfectly. It is also a published list of ways in.
A DR plan nobody has timed
"We have backups" is not "we can be trading again by Monday." Almost nobody has actually timed a restore of their most important system, or confirmed the recovery copy sits somewhere a single failure cannot take with it.
Most SQL Server estates are over-licensed.
Not by a little. Across the estates we assess, the typical SQL Server bill carries 20 to 40% of licensing that the workload does not need — Enterprise editions where Standard would be compliant, whole hosts licensed for a couple of virtual machines, and idle instances still drawing licences months after the work stopped. The worst single case we have seen was a 95% leak: almost the entire bill was for licences nobody needed. Found and removed, that overspend has added up to more than NZ$50 million off client bills, about $7 million a year.
An honest word on the numbers.
These figures come from the SQL Server estates we assess — businesses that brought us in because they already suspected something was wrong. That is a self-selected sample, skewed toward estates with something to fix, so we say "across the estates we assess," never "across the industry." We don't publish a prevalence percentage we can't stand behind, and every number here is one we have removed from a real bill or found on a real server. If a figure isn't solid, it isn't on this page.
Where does your estate sit?
Find out in 15 minutes. A free, read-only health check on one instance, with no production impact, and a graded report in plain English.