How to Secure Your Server Room

Physical access to the server room must be monitored and controlled regardless of the size, scope, or culture of any organisation. The server room is one of the most important physical places in an organisation. In most cases, “business as usual” critically depends on the investments in the server room. So how do you secure this vital zone of the business?

Lucky organisations have their server room as exclusive space yet many times, mostly due to space constraints, servers share space with storage, a workspace, or possibly someone’s office. In general, the larger organisations keep all places secure, and the smaller organisations have to make do with what’s available.

Tools to protect against unwanted access to your server room

There are many ways to restrict access to the area. The solutions range from door locks to sophisticated keycard systems.

Locks. A simple tool to put in place, a keyed lock is one of the most common means of restricting access. However, be careful about what types of keys are used. Your options will vary depending on the type of building you’re located in. If you lease your workspace, chances are your keys are non-duplicable (at least not at your average key copy centre). This is important, as an easily duplicated key is less effective, especially if former employees come into the picture.

If your building has on-site maintenance staff, chances are that the keys you use to get into your protected areas are duplicable. Some keys have warnings on them prohibiting duplication, while others are of a rare shape so that even without a warning, a copy can’t be made. Be aware of the ability to duplicate keys to your protected areas because, over time, some duplicates may be floating around.

If you have a duplicable key for your server room, it may be worth considering periodic changes of the lock and key. This will effectively “expire” any unauthorised duplications, while still providing the flexibility of a nonproprietary key.

Keyless lock or electronic code entrances. Many forms of keyless locks and electronic code locks exist in buildings today. Some of the more advanced systems can be sophisticated and expensive. These systems require a user to input code to gain access through a doorway. The obvious vulnerability with these systems is that if the code never changes, the entire facility may eventually know the code. When that occurs, there might as well be no door at all. Get the individual in charge of locks or external security to help you be diligent about changing the access code if you use one of these keyless lock systems. With some systems, you can also provide different codes to different employees. That way, if someone leaves the company, you can deactivate his or her access code.

Access control cards. The most robust means of protecting access to precious areas is an access control card system. These are full-featured systems that are integrated into a building’s structure and that grant or deny a set of rights to each card (which is assigned to a person). Such systems can configure everything from HVAC, elevators, doors, and even lighting systems. Access control card systems offer the best benefit to large enterprises. They allow facilities to handle special situations, changing staff, and distributed environments most effectively. Some even have software interfaces to control rights. Access control card systems provide the ultimate flexibility, but they’re expensive. Some of the more cutting-edge variants of these technologies include human interface devices to work in connection with card systems.

Strategies to prevent mishaps. Effective security measures may help prevent unwanted access—but some of the more dangerous incidents in the server room can be caused by authorized IT staff. Share with your workgroup some simple rules to be followed in the server room and post clearly visible signs displaying your guidelines. You might include rules like these:

• Do not smoke.
• Do not bring in any food or beverages.
• Keep the door shut (for security and climate control).
• Limit traffic in and out, if it doubles as your office or another usable space.

Designate someone in the organisation to be responsible for delegating access to the server room and for keeping the accessed current. The process can be viewed in a similar manner to a password expiration policy. This person can work with whoever’s in charge of the physical facility to best keep all areas of the room secure. If your patch panel, hubs, switches, and/or routers are in a separate room, be sure to maintain the same diligence in securing that area. Also, consider the other forms of exposure for rooms in which your precious equipment resides. For example, it is a good idea to keep custodial service out of the server room or a wiring closet room to avoid any unintentional contact with your equipment.

Working to limit physical access to the server room is an important part of an IT security plan. Controlling access can help protect against both intentional and unintentional events that may damage the computing environment and result in significant productivity and revenue losses.

Melbourne Locksmiths can help in securing your server room, give us a call or fill our online form.

References: www.techrepublic.com
Article adapted for general information purposes.