proposal cover page - wordpress.com to the letter of our organizational standards and the...
TRANSCRIPT
PROPOSAL COVER PAGE
Date: October 10, 2013
Brief Description:
The following proposal is confidential for the review of the intended recipient only. The purpose
of this proposal is to present a bid for service, to install a server room. Capacities presented are
physical security, HVAC, fire suppression, power quality, business continuity, disaster recovery,
recommendations, and fee schedule.
Terms of Reference:
(to be determined)
Requestor: Professor Marv Gardner of DMACC Enterprises
Contacts: Primary Contact: Shenica Graham
Backup Contact: Brent Leistner
Backup Contact: Dung Phan
Timeline: Start Date: October 15
th
Completion Date: December 20th
Estimated Budget:
People Resources:
Capital:
Urgency of Project: This is a major project for our organization, which should be given priority according to the
established timeline.
Evaluation Criteria: This project will be evaluated by extensive pre and post- installation testing and analysis, being
completed to the letter of our organizational standards and the satisfaction of the client.
Server Room Installation
Project Proposal
Prepared
October 10, 2013
For
DMACC Enterprises
2006 Ankeny Blvd.
Ankeny, IA
By
Ankeny, IA
The Rock e Tech Team
Shenica Graham (Project Manager)
Brent Leistner
Dung Phan
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 3 of 21
1.0 - Executive Summary
“Rock e Tech” (pronounced Rocky Teck) is Iowa’s number one information technology
designer. Our motto is, “K.O. (knockout) the competition. Biz (do business) like a champ.”
Collectively, we have over twenty years of professional experience providing quality information
security and management services. Our state of the art equipment and versatile solutions are
designed to increase your organization’s productivity without breaking your budget. Our
professional team is your key to success in the digital age.
Having a common understanding of the project scope is important to meeting the
customer’s needs. For this reason, we provide the following definition of a “server room.” A
Rock e Tech server room is a space solely dedicated to housing technology equipment and its
supporting infrastructure at an existing location. This multi-use location is expected to function
in capacities beyond server housing. Since spaces are unique, there is no one-size fits all design.
We will develop an installation tailored to the unique logistics of the customer’s location. We
will follow best practices and design a solution to meet the organization’s specific needs as set
forth in the request for proposals (RFP).
We will delineate important factors in the areas of requirement definition and building
system considerations. Defining the requirements includes consideration for load density,
resiliency, growth, modularity, and flexibility. Regarding specific building systems, we will
consider the physical space, mechanical systems, electrical systems, and ancillary systems. To
find the “best fit” for the customer, we offer pre-installation analysis to identify any preliminary
issues that need solving prior to installation. After the server room is installed and configured,
our quality service department is Online 24/7 for customer support whenever needed.
This project plan outlines the scope of our intended bid for service and is intended as an
outline, not an absolute. Additional elements may be compiled as necessary, to develop the most
comprehensive, contract-winning bid.
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 4 of 21
1.1 - The Rock e Tech Team
Your Rock e Tech Server Room design team includes the following key leaders:
• Shenica Graham. Ms. Graham is your server room design Project Manager. She will be
your point of contact to connect you with support services and answer any questions you
may have. She is a computer programmer with extensive project management and
technical writing experience. She will track all project activities, ensure adherence to
established deadlines, manage communications, and monitor each phase of your project
from design to implementation.
• Brent Leistner. Mr. Leistner is your server room design Physical Security and Power
Quality Team Leader. He has sixteen years' experience in the Information Technology
(IT) field, from planning to development. Mr. Leistner will plan and implement physical
security features to maximize productivity of your server room, including money- saving
power quality management.
• Dung Phan. Mr. Phan is your server room design Fire Prevention and Disaster Recovery
Team Leader. He has experience in Information Technology Network Administration and
safety systems. Mr. Phan will develop a fire prevention system tailored to your unique
space and controls. His expertise will empower your organization to recover in the
untimely event of a failure or disaster.
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 5 of 21
2.0 – Physical Security
2.1.0 – Controlled Access
By regulating access, you reduce traffic to and from servers. To protect the system unit, your
install location is limited to two entryways: a main access door and one emergency exit. These
doors will remain locked at all times.
2.1.1 – Security Keys
Access to the server room will be via electromechanical doors, with entry controlled by security
cards coded to allow access by only those organizational members for whom access is strictly
deemed necessary. The default key lock position is, “locked.” An ID card system is used. No
other physical keys are integrated, eliminating mass key storage that causes a security risk when
one person has access to all keys at once.
2.2 – Security System Aggregation
The system will automatically configure networked devices including electromechanical locks,
servers, workstations, laptops, and mobile devices equipped with Rock e Tech security
synchronization software.
2.3 – Data Security
All company documentation will be stored on a secure server organized by folders with restricted
access limited to your approved personnel. Asset management will be an integral part of each
database, tracking serial numbers, model numbers, asset tags, and responsible parties for each
asset. Databases will also include all software and licenses used on any associate’s computer.
Other company assets will also be listed within the database as needed. Onsite backup tapes will
be stored in a locked fireproof cabinet in the server room when not in the backup system. Offsite
backup tapes will be stored with a company (such as Iron Mountain) and rotated daily with a 3-
month retention life.
2.4 – Password Security
Passwords will be stored on a server in a restricted access folder limited to your approved
personnel. Information on this server will be backed up nightly on offsite tapes. All major
passwords will be changed on a regular 60-day cycle and communicated when necessary via
encrypted communication only.
2.5 – Laptop Security
Control measures for laptops include encryption and physical locks such as a cable lock or being
locked into a drawer cabinet. When used away from the secure workspace, laptops are to be kept
discreetly. When travelling by ground vehicle, for example, laptops are to be locked away in the
trunk or other concealed space. This seclusion is especially important to avoid public access /
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 6 of 21
visibility while the vehicle is stopped at a destination, or is at rest, including waiting at a red light
or stop sign. When travelling by non-ground transport, laptops should be carried in approved,
secure travel bags. They must not leave the sight and possession of the responsible personnel.
2.6 – Multifunction Printers
All multifunction printers will be within the main part of the building, secluded from general
access. Secure / confidential documents will only print when the peripheral user inputs a valid
security code.
2.7 – Other Physical Security Topics
• Server security
• Server reliability (uptime)
• Public Access
• Staff Access
• File encryption
• Video surveillance
• Biometric access controls
• Automated site backup
• Firewall technology
• Redundant Tier 1 Internet connections
• N+1 redundant battery & diesel power
• Redundant HVAC and 24x7 on-site security & technical support.
• Failure mitigation
• After hours system maintenance
• Application upgrades with posted notices
• Automated alert systems
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 7 of 21
3.0 - HVAC (Heating, Ventilation, and Air Conditioning)
Continuous temperature and humidity control is vital to the proper functioning of the data system
as the equipment dissipates substantial heat while in constant operation. The scope of this section
includes the following topics:
• Air conditioning determination
• General guidelines for data centers
• Temperature and humidity design criteria
• Temperature and humidity recording instruments
• Relocation and temporary storage
• Acclimation
• System air distribution
This section will answer the following questions:
• What controls will you implement to ensure proper temperature and humidity
regulation year-round?
• How much heat dissipation can be expected from the data center?
• How many personnel will be required to operate the system?
• What are the lighting requirements?
• How much fresh air can be introduced in the data center location?
• Will there be reheating of circulated air?
• Will there be heat conduction through outer walls and windows?
• What is the necessary ceiling height?
• What floor area is required?
• What is the number and placement of door openings?
• What is the number and height of partitions?
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 8 of 21
4.0 - Fire Suppression
For personnel safety, it is important to familiarize personnel with the active alarm systems and
emergency contingency plans include fire escape routes. Sound alarm signals at the time of fire
detection and for other abnormal conditions.
4.1 – Clean Desk Policy
Employees will be expected to keep their working area clean to reduce dust in the workplace.
Dust can get into the servers and cause the equipment to overheat. Our team will install smoke
and heat detection systems in both the server and the workstation rooms. There will also be fire
alarms that employees can manually trigger. Employees will have monthly fire drills. They will
be trained on how to respond to a fire appropriately. Possible actions include building evacuation
or extinguishing a small fire.
4.2 - Employee Training
We will train your employees on how and when to use the different types of extinguisher. Fire
extinguishers will be placed in each room where they can be accessible to the employees. Our
team will also train the employees on how to operate a small-diameter fire hose correctly and
safely.
The most common cause of fire in a data center are caused by live electrical equipment such as
wiring, computers, air-conditioning system, data processing panels or appliances. They can be
caused by a spark, power surge, or short circuit. If employees are caught in a fire situation, they
should use the fire extinguisher to put out the fire.
4.3.0 – Evacuation Procedures
If a fire is unreachable by fire extinguishers, employees must follow evacuating procedures.
1. Pull the nearest fire alarm immediately.
2. Shut off all electrical power and shut off the air conditioning system. Emergency
shutdown will be located in server and workstation room. They will also be located
throughout the exit doors.
3. Move to a phone away from any fire, smoke or emergency. Call 9-911 advise the
operator that there is a fire/emergency (of approximate) size and location of the building.
Note: In some cases, step 1-3 will not be possible because a fire has overtaken the
building. In that event, move to next step.
4. Exercise the appropriate evacuation plan.
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 9 of 21
4.3.1 – Evacuating personnel
Employees will be divided into groups and there will be a team leader in each group. Team
leader will be trained on the procedures of helping team members to evacuate from the building.
Each team leader will follow the following procedures if a fire has taken hold of the building.
The floor geography will be mapped out from upper to ground level, and have red lines leading
to each exit doors.
1. Prepare and evacuate the building by way of the nearest emergency exit. Do not use
elevators.
2. Close but do not lock all doors as you leave.
3. Before exiting through any closed door, check for heat and the presence of fire behind the
door by feeling the door with the back of your hand. If the door feels very warm or hot to
the touch, advise everyone to proceed to another exit.
4. Call 9-911 advise the operator that there is a fire/emergency (of approximate) size and
location of the building.
4.4 – Administering first aid
In case of an employee needing first aid, all organizational members shall be trained to give the
following first-aid instructions.
• Put out fire or stop the person's contact with hot liquid, steam, or other material.
• Help the person "stop, drop, and roll" to smother flames.
• Remove burn victim from heat source.
• Remove hot or burned clothing. If clothing sticks to skin, cut or tear around.
• Run cool water over burnt area.
• Gently dry.
• Gently clean the injured area.
• Apply antibiotic cream over affected area.
• Use a sterile bandage to cover burns.
4.5 – Fire Safety Checklist
The following checklist will be used to make sure all exit doors are checked weekly for safety
precautions. The checklist administrator will sign off on the completion. A second security
official will re-conduct the check and verify each item. The dual-certified checklist will be
provided to the client along with a duplicable checklist for regular internal fire safety checks.
□ Yes □ No Is each exit marked with an exit sign and illuminated by a reliable light
source?
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 10 of 21
□ Yes □ No Are the directions to exits, when not immediately apparent, marked with
visible signs?
□ Yes □ No Are doors, passageways, or stairways that are neither exits nor access to
exits, and which could be mistaken for exits, marked “NOT AN EXIT”
or other appropriate marking?
□ Yes □ No Are exit signs provided with the word “EXIT” in letters at least five inches
high and with lettering at least one inch wide?
□ Yes □ No Are exit doors side-hinged?
□ Yes □ No Are all exits kept free of obstructions?
□ Yes □ No Are there at least two exit routes provided from elevated platforms, pits, or
rooms where the absence of a second exit would increase the risk of injury
from hot, poisonous, corrosive, suffocating, flammable, or explosive
substances?
□ Yes □ No Is the number of exits from each floor of a building and from the building itself
appropriate for the building occupancy?
□ Yes □ No Can exit doors be opened from the direction of exit travel without the use of a
key or any special knowledge or effort?
□ Yes □ No Where exit doors open directly onto any street, alley, or other area where
vehicles may be operated, are adequate barriers and warnings provided to
prevent employees from stepping into the path of traffic?
Completed by:__________________________ Date:__________________
4.6 – Server Room Inspection
The server room should be monitored daily basis to see ensure proper working conditions and
avoid over-heating of the equipment. Conditions should be evaluated regularly, monitored, and
controlled at all times. Key elements to check are air conditioning equipment and electrical and
data storage.
• Inspect steam pipes and water pipes above the false ceiling to guard against possible
damage due to accidental breakage, leakage, or condensation. Inspection of alarm system,
fire extinguisher and fire suppression system will be checked to see if they are working
properly or if there are any damages to them. These tasks will be done on a monthly basis
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 11 of 21
for the company’s safety.
• Locate emergency exit doors in the computer area. The number of doors depends on the
size and location of the area. Train personnel in emergency measures. Emergency power
shutdown for air-conditioning system and non-fire suppression electrical power will be
installed in server room and aside each exiting doors.
4.7 – Fire Types
All personnel should know fire types and how to extinguish them. They should be aware that
some fire types do not respond to the traditional reaction of dousing with water.
• Class A Fire. This fire type consists of burnable such as wood, paper, and trash. To
extinguish a small fire of this type, use a fire extinguisher, though water works best.
• Class B Fire. This fire type is started by flammable liquids, which include oil, gasoline,
and other similar materials. Beware that this type of fire can cause suffocation. Exhaust
the oxygen source to extinguish this type of fire.
• Class C Fire. This fire type is an electrical file. Always shutdown electrical system, then
use a non-conductive extinguishing agent such as Carbon dioxide. This works best with
gas suppression systems and fire extinguishers. This is one of the most common causes of
fire in data centers.
• Class D Fire. This fire type refers to ignitable metal. Magnesium and Titanium are the
most common types of metal fires. When a metal burns, do not use water in an attempt to
extinguish it. It could produce hot water splashes that could burn your skin. Use a dry
powder-extinguishing agent only for this type of fire. Dry powder agents work by
oppressing the fire.
• Class K Fire. This fire type includes fires comprised of cooking oils, grease, or animal
fat and can be extinguished using the typical extinguishers. This fire class is not common
in data centers.
4.8 – Fire Suppression Systems
The most common fire suppression systems are:
• Gas Suppressants. This is the most common fire suppressant system used in data
centers. These systems will slow spreading of a fire by preventing oxygen from getting to
the fire source. Inergen used in this system is a mixture of gases, generally nitrogen,
argon, and carbon dioxide, and is a clean agent. These gases are stored in a tank and fed
through a pipe system that will run along the sidewalls and ceilings of each room. They
are non-toxic, leave no residue, do not hurt the environment, and are safe for humans.
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 12 of 21
These gases will prevent fires from gaining for oxygen.
• Water Systems. Sprinkler fire suppression systems are the most common for business
environment. These systems are consisted of a grid of water pipes that run along the
ceilings. These systems will trigger when temperature reach to a certain degree. Older
data centers may use water systems but these systems can easily get servers and other
equipment wet, which will damage them. Modern data center and will not use water
systems, which is a good thing!
4.9 – Recommended Fire Suppression System
Rock e Tech recommends using a gas fire suppression system. They are very effective to Class
A, B, and C fires. These systems are more costly than water sprinkler systems because of the
extra space that are needed to store the gas tanks. Each room will have a certain number of tanks
depending of the size of the space. Even though it is costly, these gases will not damage your
systems when triggered. The gas can get into places where water will not be able to reach.
Usually, no cleaning is required following the release of gases. The gases are people and
environmentally friendly.
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 13 of 21
5.0 - Power Quality
Electrical power quality affects electronic equipment performance. The scope of this section
includes the following topics:
• General power information
• Power quality
• Voltage and frequency limits
• Power load
• Power source
• Dual power installations
• Uninterruptible Power Source
This section will answer the following questions:
• What controls will you implement to ensure that quality power is available to the data
system?
• What are the power requirements?
• What should be considered when evaluating emergency power supply options? For
example, how does one choose between gas-powered generators versus a battery-
powered emergency power supply?
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 14 of 21
6.0 - Business Continuity
Our installation team will work with you from start to finish; making sure your installation is
successful without interrupting normal operation of your organizational systems. Furthermore,
our award-winning support department will be available for the life of your system, according to
our standard warranty and any additional coverage you may have purchased.
6.1 – Location & Environmental Variables
The location of your server room is important to security logistics and your ability to secure
properly what is behind the closed doors of your server room. Our qualified security
management team can assist you with determining the best location within your organization for
the physical placement of your server room. Once you have a location, we will design the best
logistical setup for your secure space. Elements to consider when selecting a location include
vibration and shock control, proper lighting, acoustics and alarm mechanisms, material data and
storage protection, and emergency planning for continuous operations.
6.2 – Data Preservation
You will need to determine exactly what information needs to be maintained in order to recover
from a failure or disaster. You will also need to decide what data will be kept on-site, and what
will be kept on-site, whether a completely redundant copy or your on-site backups, or select
information blocks. Once you have identified these assets, our data security team will assist you
in implementing an appropriate backup strategy. We recommend fireproof safes for both on-site
and off-site backups. For your convenience, your server room installation includes an internal,
fireproof vault for on-site storage of data, licensed software, and disaster recovery tools. Regular
backup testing should be performed regularly to ensure that backups accomplish intended goals
in the event an emergency.
6.3 – Software Preservation
Physical copies of licensed software packages used with our service will be maintained onsite in
an interior vault within the secure server room, on offsite with your financial services provider,
in a vault secured, and locked safe box. Each security software vendor's contact information will
be maintained in a directory listing included in the security policy and procedure manual.
6.4 – Supporting Technologies
To provide peace of mind with our quality services, your server room will be equipped with
security technologies such as Microsoft Cluster Server, and Redundant Array of Inline Disks
(RAID) systems such as…
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 15 of 21
6.5 – Training
Rock e Tech will provide training for your server system operators and administrators to
empower them to respond in a timely and professional manner to your server room needs. You
may choose to include other organizational members (or your entire organization) in these
trainings, or you may utilize the training tools we provide when working with your leaders, and
these trained personnel can train your organization.
6.5.1 – Incident Response Team
You will select a dedicated incident response team to react expeditiously and appropriately in
case of an emergency. Your incident response team and security officials will practice fire drills.
6.6 – Supporting Documentation
Rock e Tech will provide an operations and procedures manual with your server installation.
This priceless guide will detail your new system’s capabilities, proper maintenance, support
contacts, and how to access help on-site and Online. This publication will also contain a record
of critical systems hardware and software configurations used for your installation to allow
troubleshooting by your on-site security team when necessary, before a full maintenance (a fee-
based service) service is required. This documentation can save significant costs for your
organization and it is a recommended read for all members of your security team.
6.7 – Your Personal Business Continuity Plan
Since your installation is pre-construction, you have the flexibility to implement key elements
from phase one, rather than trying to fit them in later if space is available. Based on your initial
RFP, we recommend the following plan to protect continuity of your business:
• Hot Site Facility. The ground floor of your space and projected budget is suited to host a
fully-integrated, configured facility housing all services, communications links, and
physical plant operations. This site will include tailored heating and air conditioning
units. Computing resources, peripherals, phone systems, applications, and workstations
will be available on-site. Only data backups and routine maintenance will be required to
keep this site as a fully-functioning replica of your entire operation. It requires only
minutes to go live and can generate the full capacity of your existing systems. The
process will be seamless for your internal and external customers, providing service
without interruption by taking over necessary and support processes from a damaged or
failing system. A hot site is your best option for near real-time recovery.
• Rolling Mobile Site. On the second floor, directly above the Hot Site, the extra utility
closet will be transformed into a smart generation room, housing a rolling mobile
contingency unit. This unit will contain duplicate equipment for availability in the event
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 16 of 21
of an emergency. Security personnel on the upper level of your facility will be able to
extract key equipment quickly, if needed faster than the time it would take to get to the
first-floor server room.
• Electronic Vaulting will be used to create sufficient backups for uploading to
contingency equipment when needed. This process, which consists of transferring large
data batches to an offsite location for secure storage and retrieval, will ensure that in the
event of necessary migration to the hot site or rolling mobile unit, you will have virtually
the same information required to run your business, that you had before migration.
• Remote Journaling will prevent data gaps between your contingency data upload from
your electronic vault service, and the last stable state of date before migration became
necessary. The remote journaling process transfers live transactions from your on-site
servers to a trusted off-site facility. This feature will be activated automatically, thanks to
a contingency switch built into Rock e Tech servers. If a predetermined number of
transactions are significantly slow, the system will perform an immediate self-check,
which is imperceptible to your internal and external customers with the exception of
being documented in a log file. If a sequence of flags are set off during the check, remote
journaling will be activated.
• Database Shadowing. If and when remote journaling is activated, the server’s built-in
contingency system will notify your security management team by auditory alarm and
instant message to configured mobile devices. The system will concurrently notify your
remote storage site, and duplication of your organizational databases at the offsite
location will be initiated, including not less than three copies of your critical data.
• Activity Logs. Logs are very important and useful to solving information-related and
virtual (cyber) crimes. To All server activity is logged for investigative purposes of your
server’s built-in data mining. The system constantly compares logged data to historical
data and your network variables. If a predetermined condition is not met, a notice will be
logged and directly and indirectly related server activity will be tracked and logged in a
file coded to the specific initiating incident. In less than .65 seconds, the server can filter
hundreds of log files. According to set variables, if a breach is detected or anticipated,
logged data is copied to a “Legal Contingency” file with a time / date stamp. These files
can be easily extracted for review by your local law enforcement in the event of a breach
or determined threat to proactively prevent attacks.
• Law Enforcement. If and when a legal contingency file is created by the server’s
security system, an automated notice is sent to your security management team and to
your local data and cybercrime law enforcement officials.
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 17 of 21
7.0 - Disaster Recovery
7.1 – Your Personal Disaster Recovery Plan
• Hot Site. As stated in Your Personal Business Contingency Plan, Rock e Tech will
implement a Hot Site at your location to provide emergency response support and
recovery tools. Since this will be a data center, the information that is held in the server
room is crucial and will need to have real-time backup systems. All hardware and
software will be setup and running before the installation is complete and our team leaves
your site on the final day of the project (see proposed timeline).
The hot site method is not the least expensive implementation. However, it provides the
most global security coverage for all of your information assets. It is an expensive and
important step toward total recovery in the event of a disaster.
• On-site and off-site backup servers will be used in case of a main server failure or other
system damage. These backup servers will be updated regularly by your automated
recovery assistant, built into the Rock e Tech server. This process will ensure that your
data is available and current if and when needed, and ready to go with the most current
variables.
• Daily System Testing. Since we can’t predict when a disaster will occur, disaster
recovery testing will be automatically run at four daily intervals, in a seamless process
managed by your automated recovery assistant. This procedure ensures that all equipment
and software are working properly in the event of a disaster. Automated testing will
commence at 4:00 am, 10:00 am, 4:00 pm, and 10:00 pm by default. You can edit the
testing quadrant (times) to suit your business traffic. Each employee of the disaster
recovery site must review and approve each the daily recovery procedures to verify
proper and thorough testing.
Testing will proceed methodically through data logs following established test scripts to
validate and verify data copying. Each copied asset will be logged and tracked to prevent
data loss. Controlling software should also be tested to ensure proper configuration and
that application versions are up to date. Software updates must be confirmed compatible
with existing systems before implementation.
• Data Restoration. Following backup testing, your security team can execute the
restoration process.
• Staffing the Disaster Recovery Site. Based on the size and expertise of your
organizational security team, no outside staff is required. However, you may want to
enlist mutual agreements with providers of needed services, as a backup to your in-house
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 18 of 21
subject matter experts. It is best to have the internal employees who write the backup
procedures, also work at the disaster recovery site. Having internal employees run this
operation reduces risk and lessens potential confusion between employee and employer
when needed action is required. Outside staff may be hired if further assistance is
necessary.
Other Disaster Recovery topics
• Plans and procedures should already be developed before a failure occurs. Most the time,
when a failure occurs and continuity of operations is halted for a prolonged period, it is
because procedures and plans have not been developed correctly.
• The software configuration of systems should be maintained. This includes operating
system versions, service pack updates, and any other software.
• You should keep track of hardware configurations such as disks and partitions; peripheral
devices installed; and IRQ, DMA, and I/O addresses.
• Always ensure that backups are current and up to date. If possible, perform trial restore
operations to test backups.
• Implement new technologies such as Microsoft Cluster Server. Microsoft cluster server
technology will be discussed later in the paper.
• Implement RAID technologies. These are also discussed later in the paper.
It is also possible in some cases to implement standby servers. Backed up information is restored
on a computer that is purely for redundant purposes.
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 19 of 21
8.0 - Summary
The scope of this section includes the following topics:
• Pre-installation recommendations
8.2 - Post-installation recommendations
Further plans should include training of personnel to act in an emergency.
• Included services
• Nominal fee services
This section will answer the following question:
• Why should DMACC Enterprises choose Rock e Tech services over the competition?
Server Room Proposal (Team 2)
NET612 WW1 Fundamentals of Network Security p. 20 of 21
Sources
“Business Continuity and Resiliency Services.” http://www-935.ibm.com/services/us/en/it-
services/business-continuity-and-resiliency-services.html
“Criteria for Staffing a Disaster Recovery Site.”
http://searchdisasterrecovery.techtarget.com/feature/Criteria-for-staffing-a-disaster-recovery-site
“Emergency Planning for Continuous Operations.”
http://pic.dhe.ibm.com/infocenter/powersys/v3r1m5/index.jsp?topic=%2Fiphad_p5%2Fcontinuo
usoperations.html
“Evaluating Emergency Power Supply Options.”
http://searchdisasterrecovery.techtarget.com/answer/Evaluating-emergency-power-supply-
options
“Fire suppression Systems and Your Data Center Disaster Recovery Plan.”
http://searchdisasterrecovery.techtarget.com/tip/Fire-suppression-systems-and-your-data-center-
disaster-recovery-plan
“NIST Special Publication 800-12: Computer Security. An Introduction to Computer Security:
The NIST Handbook." http://csrc.nist.gov/publications/nistpubs/800-12/handbook.pdf
“Physical building properties to evaluate during server room design.”
http://searchdatacenter.techtarget.com/tip/Physical-building-properties-to-evaluate-during-
server-room-design
“Physical Security Guidelines.”
http://www.dps.mo.gov/homelandsecurity/safeschools/documents/FBI%20-
%20Physical%20Security%20Guidelines.pdf
“Planning Physical Security.”
http://publib.boulder.ibm.com/infocenter/iseries/v5r4/index.jsp?topic=%2Frzamv%2Frzamvplan
physec.htm
“Property Loss Prevention Data Sheets.” http://www.shuw.org/wp-
content/uploads/FMDS1005_DisasterRecovery.pdf
“Security Plan Document.”
http://www.docusourceofnc.com/files/8712/4579/2761/DocuSource%20Security%20Document
%20V2-3%201008.pdf
“Security Planning.” Microsoft Technet. http://technet.microsoft.com/en-
us/library/cc723503.aspx
“Server Room Planning.” http://www.servervaulting.com/serverroomplanning.asp
“Site Preparation and Physical Planning.”
http://pic.dhe.ibm.com/infocenter/powersys/v3r1m5/topic/p7ebel/p7ebel.pdf.
“Temperature and Humidity Design Criteria.”
http://pic.dhe.ibm.com/infocenter/powersys/v3r1m5/index.jsp?topic=%2Fiphad_p5%2Ftempand