Activsupport's Guideline for physically securing servers
This document covers the basics of physical security in a network environment. The aspects covered hereafter are guidelines for physically securing your computing environment and hardening the servers/stations within your network. Some points may not be necessary depending on the needs and budget of the organization. However, to achieve and maintain the highest level of security in your environment, the following points should be considered seriously.
Most of the points mentioned below primarily apply to servers. Some of them, however, can be applied to workstations as well.
Physical security
Physically securing the servers
- Servers must be placed in a locked room
- If needed, protect the room using electronic card access, thus recording any access to the room.
- Provide temperature and humidity controls to avoid any equipment damage.
- Install a UPS and its associated software on any server to allow an automatic server shutdown when there is a power outage.
- If no hardware-based RAID system is installed in servers, there should be at least a software-based RAID system installed.
- If needed, use surveillance cameras.
- Lock the CPU case and ensure the key is protected. Make a backup key and keep it in a safety deposit box (outside the office).
- The server room should be arranged in a way that people outside the room cannot see the keyboard (and thus see user/admin passwords).
- Any unused modem must be disabled/removed.
- No password evidence around the system (or under keyboard!).
- Any documentation concerning LAN settings, telecom equipment settings.
- Important user IDs and passwords should be kept in a safe/restricted location.
- Only a limited number of people should have access to the server room (no maintenance person should be allowed in these rooms).
- Keep track of your computer inventory (e.g. laptops are often stolen without company knowledge).
Protect the system from undesirable booting
- The boot sequence in the BIOS must be modified. The hard drive must be set up first and the floppy thereafter.
- If possible, modify the BIOS settings so that the key sequence to access the BIOS is not displayed during the boot up sequence.
- On mission-critical servers, floppy and CD-ROM drives could be disabled or even removed physically to provide the highest level of physical security.
- The BIOS password must be set using a hard-to-guess method (good length, mixed letters and numbers).
Set up storage protection for back-up tapes
- The back-up tape drive and tapes must also be located in a secured room.
- Use a secure off-site storage system for back-up tapes. Note: The information contained on the tapes is crucial information for the company. Therefore, files being backed up can be encrypted on tapes to ensure maximum confidentiality.
Conclusion:
This document covers security from a physical perspective. However, this is far from being a complete analysis for a secured network. Besides physical security, Activsupport recommends having strong security policies, one penetration test per year and an internal audit of the systems in the client's network.
For more information about Activsupport's complete security offer, please browse our security section. For straight answers to all your VPN questions, we recommend reading our VPN FAQ. If you have any questions with regard to your contact us