client server server room risk
TRANSCRIPT
Data Networking Year 2
Client Server NetworksMinimising Server Room Risk
Colm Bennett
Server Room Security - Why?
Business more and more dependent on IT
IT risk more closely aligned to Business Risk
Client Server approach centralises IT risk
Makes catastrophic/systemic failure more likely
But also makes IT risk more controllable
Central location
Concentrated IT resources
Server Room security aims to minimise IT risk associated with centralised server
Key Risk Areas?
What are the main risks area for a server room?
Not just physical security anything that could cause loss of service
You Tell Me....
Risk Areas
Human Theft, sabotage, accident etc
Fire accident, deliberate, overheating, electrical
Water flooding, burst pipes etc
Electrical surge, power cut
Temperature over heating, AC failure
Geographical Location earthquake, hurricane, flooding etc.
Designing to Minimise Risk - Location
Few doors as possible
Fire rated doors
Centre of building
Easier to control temp (windows)
More secure
Walls extend up through any false floors/ceilings
Not on top floor (heat) or basement (flooding)
Away from water pipes, toilets etc
Designing to Minimise Risk
Air Con
Air Con system to maintain tempature
All ducts kept clear of dust etc
Nothing blocking ducts
Tempature monitors on key servers
SMS alerts
AC units regularly maintained, possibly duped
Designing to Minimise Risk - Power
Estimate and plan for power consumption
Google datacenter beside dam
Install power surge equipment
Install UPS with alerts, auto shutdown
Possibly generators
Designing to Minimise Risk - Security
At least regular locks
Ideally biometric
Camera surveillance (e.g. IP Cameras)
Motion sersors
Locked cabinets glass break sensors
Designing to Minimise Risk - Building/Construction
Dectors wired in
Racks raised off the ground
Non liquid fire suppressant systems
Designing to Minimise Risk - Layout
Well laid out server room
Less likelyhood of human error
Culture of tidyness is important
Patch Panel slopiness leads to mistakes
Designing to Minimise Risk Audit Risk
Written secuity polciy
Regular auditing
Both to check current measures are really working and to review any new risks
Click to edit the title text format
Click to edit the outline text format
Second Outline Level
Third Outline Level
Fourth Outline Level
Fifth Outline Level
Sixth Outline Level
Seventh Outline Level
Eighth Outline Level
Ninth Outline Level