General discussion


Physically secure your datacenter

By debate ·
Tell us what you think about physically securing your datacenter, as featured in the June 4th Disaster Recovery e-newsletter. Are there other inside security measures you think would benefit TR members?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Basic Information Will Help

by noihawaii In reply to Physically secure your da ...

I have a very good book on physical computer security that will help prevent physical theft.The book retails for $10,but i will be glad to send it out to anyone for $5,including s&h.I have only a limited supply,but this is a book that everyone should have,especially where a number of computers is involved.It is short and simple!E-mail me and i will get it right out to you!

Collapse -

Some additional tips

by IT geezer In reply to Physically secure your da ...

An excellent article... A couple of items you many may find useful...

1) In addition to the physical security of the systems, I have always recommended access logs. Each person entering the room is signed in and out, with date, time and purpose of visit. This provides an auditable record of access and reduces casual visits. Management can review the log to determine of processes need to be changed that can reduce the traffic in and out of the secured areas.

2) If service work is performed, service logs with servicer name, company, service work performed, service call status(waiting on parts, complete, etc.) and other pertinent information should be documented.

Many service people tend not to document service actions. A common result of non-documentation is that service reps who work on the equipment have greater difficulty resolving recurring or intermittent problems since they have no clear record of twhat service actions have been taken. This policy, to, can provide management with trends and problem alerts in serviceability,reliability and availability.

3) Consoles and other service access devices also need to be secured. Remote access to equipment presents the same risks as physical access. In many cases on mid-range and mainframe systems, hardware can be logically disabled and systems can even be scratch initialized through service functions.

Lastly, documentation should be on a need to know basis. I have seen several large enterprises that actually made network topology available on their internal web servers as web pages, Visio documents and so on.

Password and identification documentation for systems, tape storage and recovery contract people sits in the desk dawer of the CIO, director or manager - where any admin, maintenance or support person can get to it. This information is at least as sensitive as payroll or medical information. Treat it as such.

Related Discussions

Related Forums