-
Develop a physical security plan that includes a description of your assets, environment, threats, perimeter, and defenses.
-
Determine who might have physical access to any of your resources under any circumstances.
-
Have heat and smoke alarms in your computer room. If you have a raised floor, install alarm sensors both above and below the floor. If you have a dropped ceiling, put sensors above the ceiling, too.
-
Check the placement and recharge status of fire extinguishers on a regular basis.
-
Make sure that personnel know how to use all fire protection and suppression equipment.
-
Make sure that the placement and possible use of fire suppression systems will not endanger personnel or equipment more than is necessary.
-
Have water sensors installed above and below raised floors in your computer room.
-
Train your users and operators about what to do when an alarm sounds.
-
Strictly prohibit smoking, eating, and drinking in your computer room or near computer equipment.
-
Install carbon monoxide detectors.
-
Install and regularly clean air filters in your computer room.
-
Place your computer systems where they will be protected in the event of an earthquake, explosion, or structural failure. Avoid windows.
-
Consider the heat and air flow patterns in the room and from the computers. Avoid placing computers next to walls.
-
Keep your backups offsite.
-
Have temperature and humidity controls in your computer room. Install alarms associated with the systems to indicate if values go beyond a certain range. Have recorders to monitor these values over time.
-
Beware of actual insects trying to "bug" your computers.
-
Install filtered power and/or surge protectors for all your computer equipment. Consider installing an uninterruptible power supply, if appropriate.
-
Have antistatic measures in place.
-
Store computer equipment and magnetic media away from your building's steel structures. These might conduct electricity after a lightning strike.
-
Lock and physically isolate your computers from public access.
-
Consider implementing motion alarms or other protections to protect valuable equipment when personnel are not present.
-
Protect power switches and fuses.
-
Avoid having glass walls or large windows in your computer room.
-
Protect all your network cables, terminators, and connectors from tampering. Examine them periodically.
-
Use locks, tie-downs, and bolts to keep computer equipment from being carried away. When equipment must be moveable, permanently tag it.
-
Encrypt sensitive data on your systems.
-
Have disaster-recovery and business-continuation plans in place.
-
Consider using fiber optic cable for networks.
-
Physically protect your backups and test them periodically.
-
Sanitize media (e.g., tapes and disks) and printouts before disposal. Use bulk erasers, shredders and incinerators.
-
Check peripheral devices for local onboard storage that can lead to disclosure of information.
-
Consider encrypting all of your backups and offline storage.
-
Never use programmable function keys on a terminal for login or password information.
-
Consider setting autologout on user accounts and using screensavers with unlock passwords.