Scribd
Upload
228 views

Data Center Security

The document discusses recommendations for securing a data center, including: (1) keeping servers and critical equipment in a separate, restricted access area; (2) ensuring all activity in the server room is authorized and scheduled; and (3) logging and controlling all physical access to the server room and sensitive equipment. It also recommends securing the entire network, keeping security software and physical security features up to date, and establishing access control policies. The goal is to prevent unauthorized access, changes, or denial of service to protect data and systems.

Uploaded by

Toby Nixon
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
228 views

Data Center Security

The document discusses recommendations for securing a data center, including: (1) keeping servers and critical equipment in a separate, restricted access area; (2) ensuring all activity in the server room is authorized and scheduled; and (3) logging and controlling all physical access to the server room and sensitive equipment. It also recommends securing the entire network, keeping security software and physical security features up to date, and establishing access control policies. The goal is to prevent unauthorized access, changes, or denial of service to protect data and systems.

Uploaded by

Toby Nixon
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 6

DATA CENTER SECURITY

Running head: DATA CENTER SECURITY

Data Center Security.

David “Toby” Meyers

CMGT/244 - Intro to IT Security

Praful Dixit

November 28, 2010


DATA CENTER SECURITY

Data Center Security

Computer security is the protection of data systems against unauthorized disclosure,

change or destruction and protection of the system itself against unauthorized use, change or

denial of service. Where there are Data Storage Units, there would be some recommendations

that would keep the security of the physical storage units. There would be policies surrounding

access, to monitor and control access.

Always keep servers and critical equipment in separate area. Do not make it another

office, a shared activity room, a storage room or keep it in the hallway. Separate the data storage

units from other areas like work areas. That way there is no excuse for hanging out next to them.

Data Storage Units themselves need security because an open physical port is a method of attack

and if an accident can happen, it will happen. “Securing a computer system has traditionally been

a battle of wits: the penetrator tries to find the holes, and the designer tries to close them,”

(Gosser, 1988).

Make sure all activity in the server room is either emergency or scheduled. “Strict

procedures for access to the machine room are used by most organizations,” (Gosser, 1998).

There should be no one in the room is unauthorized or untested all updates and security checks

should be scheduled regularly anyway. In the event of an emergency, then the meaningfulness of

those operations should be apparent and according to disaster recovery, or emergency continuity

plans. All maintenance, all activity, should be scheduled and approved by the administration

beforehand.

Log all Access. A complete history of every access, every change, should be kept, so that

all happenings around the server room are known. Always check authorized access. Every time

the door opens and someone goes in or someone comes out, the person’s name and what time it
DATA CENTER SECURITY

was accessed and what they say they did, while they were in there.

Secure the room with a physical lock. Do not just let people sneak off into the server

room, however innocent, it may appear to be. That is just how accidents happen and then when

something does happen, the management will ask why this happened and then the answer should

be obvious. “A computer lets you make more mistakes faster than any invention in human

history, with the possible exceptions of handguns and tequila,” Ratliffe, (1992).

Make sure that sensitive equipment is locked or inaccessible. If a hacker can walk up and

simply plug into a hub or another device then it is not secure. Make sure no cables can be spliced

into without some awareness and there are no open ports outside that room.

Lock up ports by physical device and by software security programs that will inhibit the

unauthorized from accessing the system by physically walking up and plugging-in.

You should keep the room and its contents under surveil. Video cameras, transparent wall

and centralized location will allow those working in the area to see the Data Storage unit who is

in the room and what they are doing at all times. It is bad enough you do not know what is going

on inside the box by looking at it; you should always know what is going on outside the box.

Secure the whole network. Secure all surrounding offices with computers and ports; you

can also have software precautions against access by unauthorized persons like access log and

password standards like routine password changes. Never leave your desk with your workstation

logged in. Always use self-closing doors and auto locks. This will ensure that passwords remain

viable and computers remain secure on the network.

Make sure any device that contains sensitive information, schedules or the access log are

secured in a confidential manner. Any Drive, any backups can be hacked and encryption

algorithms given enough time. Shred all physical documents once they are not in use. Any
DATA CENTER SECURITY

documents could provide the attacker with valuable information.

You should always keep your security up to date and in good working order. Anti-virus,

firewalls, encryption, passwords and patches should all be up to date. Any potential security

issues are to be handled in a timely fashion, such as if the lock should break: replace the lock. If

a window is broken, have the window fixed. These are security vulnerabilities and our jobs as

security technicians are to cover them.

There should be policies in place that govern authorized access, both to the physical Data

Storage Units and to the data over secure connections. Only IT staff should have access to the

server at any time and then they should have written authorization and the awareness of your

supervisor. Only the IT management and their direct supervisor should have complete control

over the Data Center. IT staff will have proper authorization and be on schedule. Need to know

access users should be handled with well-formed transactions, so they see what we intend for

them to see and nothing else.


DATA CENTER SECURITY

Conclusion

Recommendations for the Physical Security of the Data Center includes Separate the data

storage units from other areas like work areas. All activity in the server room is either emergency

or scheduled. Log all Access. Control Access and secure the room with a physical lock. Make

sure sensitive equipment is inaccessible. Lock ports by physical device and by software security

programs that will inhibit access by the passerby. You should keep the room and its contents

under surveil. Secure the whole network. Secure all devices. Always keep security up to date and

fix physical vulnerabilities as soon as possible. All access will have proper authorization and be

on schedule. Well-formed transactions grant data to need to know users to provide top security.

Use permissions and access control software as well as escort them to where they are receiving

the information.
DATA CENTER SECURITY

References

Gosser, (1988). Building a secure computer system.

Retrieved November 28, 2010 from: http://nucia.unomaha.edu,

http://nucia.unomaha.edu/dspace/documents/gasserbook.pdf.

Ratliffe, (1992). Technology Review.

Retrieved November 28, 2010 from: mit.edu.

You might also like