A.9 Chapter 8: Physical Security for Servers


  • Develop a physical security plan that includes a description of your assets, environment, threats, perimeter, and defenses.

  • Determine who might have physical access to any of your resources under any circumstances.

  • Have heat and smoke alarms in your computer room. If you have a raised floor, install alarm sensors both above and below the floor. If you have a dropped ceiling, put sensors above the ceiling, too.

  • Check the placement and recharge status of fire extinguishers on a regular basis.

  • Make sure that personnel know how to use all fire protection and suppression equipment.

  • Make sure that the placement and possible use of fire suppression systems will not endanger personnel or equipment more than is necessary.

  • Have water sensors installed above and below raised floors in your computer room.

  • Train your users and operators about what to do when an alarm sounds.

  • Strictly prohibit smoking, eating, and drinking in your computer room or near computer equipment.

  • Install carbon monoxide detectors.

  • Install and regularly clean air filters in your computer room.

  • Place your computer systems where they will be protected in the event of an earthquake, explosion, or structural failure. Avoid windows.

  • Consider the heat and air flow patterns in the room and from the computers. Avoid placing computers next to walls.

  • Keep your backups offsite.

  • Have temperature and humidity controls in your computer room. Install alarms associated with the systems to indicate if values go beyond a certain range. Have recorders to monitor these values over time.

  • Beware of actual insects trying to "bug" your computers.

  • Install filtered power and/or surge protectors for all your computer equipment. Consider installing an uninterruptible power supply, if appropriate.

  • Have antistatic measures in place.

  • Store computer equipment and magnetic media away from your building's steel structures. These might conduct electricity after a lightning strike.

  • Lock and physically isolate your computers from public access.

  • Consider implementing motion alarms or other protections to protect valuable equipment when personnel are not present.

  • Protect power switches and fuses.

  • Avoid having glass walls or large windows in your computer room.

  • Protect all your network cables, terminators, and connectors from tampering. Examine them periodically.

  • Use locks, tie-downs, and bolts to keep computer equipment from being carried away. When equipment must be moveable, permanently tag it.

  • Encrypt sensitive data on your systems.

  • Have disaster-recovery and business-continuation plans in place.

  • Consider using fiber optic cable for networks.

  • Physically protect your backups and test them periodically.

  • Sanitize media (e.g., tapes and disks) and printouts before disposal. Use bulk erasers, shredders and incinerators.

  • Check peripheral devices for local onboard storage that can lead to disclosure of information.

  • Consider encrypting all of your backups and offline storage.

  • Never use programmable function keys on a terminal for login or password information.

  • Consider setting autologout on user accounts and using screensavers with unlock passwords.



Practical UNIX and Internet Security
Practical Unix & Internet Security, 3rd Edition
ISBN: 0596003234
EAN: 2147483647
Year: 2003
Pages: 265
