Where Does Business Logic Live? A DBA’s Guide to the Stored-Procedures-vs-Application-Layers Debate

Few architecture questions generate more heat and less light than this one: should business logic live inside SQL Server stored procedures, or outside the database in application layers? Ask a room of developers and DBAs and you will get a fight, not an answer.

This series is the answer I wish someone had handed me earlier – written from the perspective of a DBA who has worked with both architectures and has no interest in winning the argument for either camp. It is balanced on purpose. Both approaches have built systems that run the world, and the goal here is to help you place each piece of logic where it actually belongs, with evidence rather than ideology.

Every factual claim in the series carries a footnote linking to a verified source, so you can check the work and follow the references deeper.

The Series

1. Where Does Business Logic Live? A DBA’s Field Guide (available 2026-06-10) – A short history of database-centric design, the evolution toward service-oriented and web architectures, and a precise taxonomy of what “business logic” even means: integrity, validation, business rules, workflow orchestration, and presentation. Where each can live, and why the debate keeps turning ideological.
2. The Case for Logic in Stored Procedures (available 2026-06-11) – Centralized rule enforcement, reduced network traffic, set-based processing, transaction consistency, least-privilege security, and the ORM-generated-SQL problems that drive teams back toward procedures. With practical T-SQL examples.
3. The Case for Logic in Application Layers (available 2026-06-12) – Separation of concerns, testability, CI/CD, scalability, technology independence, and cloud-native patterns. Examples in ASP.NET Core, Spring, Node.js, and SPA frameworks – plus the standing correction that CI/CD applies to database code too, not just application code.
4. Performance and Operations: What Actually Happens in Production (available 2026-06-13) – Execution plans, network round trips, data transfer volume, caching, ORM behavior, transaction scope, and horizontal scaling – alongside the operational reality DBAs live in: change management, source control, deployment, auditing, troubleshooting, monitoring, and ownership boundaries.
5. Security, Misconceptions, and Hybrid Architectures (available 2026-06-14) – How security really differs between the tiers (the procedure boundary, SQL injection, row-level security, dynamic data masking, compliance), the four myths this debate keeps recycling, and what a deliberate hybrid actually looks like.
6. A Decision Framework (and When to Stop Arguing) (available 2026-06-15) – A six-question checklist for placing any piece of logic, what scale teaches from Stack Overflow, GitHub, Shopify, Stripe, and Uber, why these debates turn ideological, and where the series goes next.

Who This Is For

• SQL Server DBAs who need to articulate, with evidence, why integrity belongs near the data.
• Database developers deciding what to put in a procedure and what to leave to the application.
• Solution architects drawing the boundary between the database and the services above it.
• Senior application developers who want the DBA’s view of what their ORM is doing.
• IT managers making platform-architecture decisions and refereeing the inevitable debate.

Related Reading

This series is a companion to the ALTER DBA ADD AGENT series on practical AI for database professionals. If you are putting your database code under the CI/CD discipline this series keeps insisting on, start with Version Control and CI/CD and AI-Assisted Pull Request Reviews for Database Code.

Start with Part 1, or jump to whichever part matches the argument you are having today.