How to Keep Unauthorized Personnel Out of Your Server Room
by Stephanie Faris on Monday, June 20 6:00
Businesses that still have server rooms on site face an ongoing challenge to keep equipment secure and fully operational. This means having the right software in place to keep hackers out, as well as making sure the room stays cool and dry to avoid damage to sensitive server components.
But one of the biggest dangers a business faces is physical infiltration. Server rooms should be behind locked doors, with only a small group of IT employees allowed access. However, without proper care, the wrong people can end up circulating through your server room, giving them access to sensitive customer data. Here are a few server room security measures you can take to keep your business safe.
Traditional metal keys aren t sufficient to keep important areas safe. If you haven t already, consider installing electronic keycard access at least on your server room doors. Make sure you choose a solution that lets you track every person who enters and exits a doorway, as well as the times they did so. In addition to locking access to these areas down, it will give you the information you ll need if a security breach occurs. It also acts as a deterrent to team members who might consider propping the door open or loaning their keycards to someone else, since they ll realize that their activities may be monitored.
If you re allowing your entire IT staff access to your server rooms, you re making a big mistake. Instead, you should ensure that only a select group of server administrators have keycard access, with the rest only entering when accompanied by one of those administrators. If your help desk uses the server room for other purposes, such as storing extra equipment, set up a separate area outside of the server room and change access to keep them out. This will give your organization better control over the room, reducing the risk that an incident will occur.
Even with only a few select employees having access, occasionally outside vendors will need into the room. Your air conditioner could be malfunctioning, for instance, or building maintenance could need in to repair or update something. Even if these outsiders are trusted building employees, have strict policies in place that require each outside worker to be escorted into the room by an authorized server administrator. That administrator should stay with the vendor the entire time, as grueling as that might be. When your policies make it impossible for an outsider to gain access to your data, everyone will see how seriously you take your security. In some cases, software vendors may need access to update their third-party software, but this should be done remotely, rather than allowing them to set up camp in your server room for hours at a time.
Server rooms must remain protected spaces at all times. By reviewing your own internal policies and making changes that keep things safer, you ll be less likely to have a security breach. It may not be popular with employees, but your top priority is to keep your customer data safe and this often requires taking proactive measures.