Whether premise-based or in the cloud, protecting your server room is the best way to safeguard your critical corporate data and ensure continued compliance with your applicable industry requirements. To help you stay secure, here are seven helpful tips to ensure your servers are defended, wherever they’re located.
Your first line of defense should be ensuring there are sufficient physical or electronic locks on the server room door and that they’re being used. After all, your servers represent the life-blood of your organization. Make it a policy that the server room door should be locked at all times that it is unoccupied and that only authorized personnel have an access key or code.
To further protect your servers, invest in lockable, wall-mount server cabinets or floor-mount racks or cages that can be bolted directly to the floor or wall. This will help ensure that your servers are nearly impossible to steal.
If your server room is compromised for space, it’s a good idea to create or designate an unused office or closet area for storage of valuable electronic devices that aren’t being utilized due to employee absence or excess inventory. The unused devises will be out of sight and out of mind for potential thieves or unauthorized personnel.
To prevent accidental or intentional tampering of hard drives or server information by folks that have access to your server room, invest in a quality surveillance system with 24 x 7 x 365 monitoring. With today’s latest technological advances, it’s a relatively small price to pay for peace of mind. In fact, it’s a really good idea to invest in a system that surveys and monitors all critical access points into your facility, especially the front lobby location as well as any side or rear entrances.
5. Know who Is watching your servers
Pre-employment background checks have become nearly universal. Your internal HR department or data center partner should be running them routinely through a third-party vendor with experience in performing background checks for IT employees. They should also perform background checks on vendor and contractor employees who will have access to data.
6. Deploy proper exit procedures for employees with secured access
Make sure procedures are in place to change and remove access codes and credentials when an employee leaves your company. Also, make sure these procedures are known and shared with external providers, if appropriate.
7. Control your vendors
When a vendor or a contractor needs access to the data center, you or your provider should have policies around access and be able to continually monitor their activity to prevent data theft.