Security Audits for Server Rooms
Server Room Audits Reduce the Risks of Theft, Tampering, and Sabotage.
Security for Data Centers and Server Rooms
Server Roomsare the backbone of many businesses and high-risk facilities, storing confidential sensitive information and other critical data that is vital for operations, safety, and business continuity.
Network or Cyber security tends to focus on software, firewalls, and passwords, etc., however physical security should be a critical component of the overall security plan and risk profile. Unfortunately, it is often these measures that are overlooked or the "base building's" systems may be relied upon. Using and independent
security consultantcan be invaluable in helping you with design criteria and risk mitigation strategies in the early phases of design and construction.
At a bare minimum there should be standard technology in place such as biometric access control, uninterruptable power supply, Intruder alarm and environmental monitoring as well as CCTV/Digital Video Surveillance to provide a basic level of protection.
CCTV Monitoring of Server Room rack spacesThe above measures alone are not enough. In some cases, it is necessary to place video cameras at each rack (or racks) that contain mission critical equipment so you can observe who's there and what works are being carried out. Even installing
anti-tailgatingsystems dramatically reduces risks.
CCTV monitoring is also needed along with electric locking of each individual rack door and all of the above systems can easily be integrated with and controlled by the site
access control system.The above requirements are even more important if there are third party servers or equipment located in the same space.
Many times, we have seen a server or communications room attacked through the wall or false ceiling, so investing in physical security measures and hardening of the actual room may be necessary.
Not all the danger is external. Many attacks, vandalism and outright sabotage have come from disgruntled employees or nefarious contractors. Therefore constant vigilance and regular review of security procedures is required.
Protect Server Rooms with Links to Human Resources Database!How is this possible. Well, linking the access control system with the HR database ensures that if a staff member is terminated (usually HR are first to know) their change in employment status is immediately updated to the access control system database their credentials are instantly invalidated.
For more on this important security scheme please read the section on Active Directory Integration. It may also be wise to adjust policy (and this can also be set up in the access control system) to ensure that no less than two people are allowed in the room at any one time.
These and other site-specific measures can be taken after a security audit is carried out and all of the risks evaluated.