Many large enterprises employ numerous servers to support their needs. These servers, hosting a business’ most critical applications, are often physically stored at one single location within the enterprise. This concept, commonly referred to as a server farm, provides the benefits of centralized control and management. Nevertheless, this approach has its inherent weaknesses as a collection of servers are more vulnerable to physical damage than distributed servers. This issue, however, can be properly addressed by appropriate security measures. The Company IT’s Server Room Security Procedure addresses the issue and provides policy guidelines necessary to sustain server operations.
The Server Room Security Procedure is applicable to all those employees at The Company whose responsibilities require access to and interaction with the server room.
The Company, IT.
In order to ensure the security of the server room, the following guidelines must be taken into account by those involved with the server room.
- Access to the server room is restricted to the IT system administration team. By default, this team consists of five members of the IT staff.
- Other members of the IT department that desire access to the server room must obtain the Server Room Access Request Form (TBD) from the IT helpdesk. After completing this form, the requester should submit the form to the IT helpdesk. The IT helpdesk will check the form whether or not it’s completed, and if complete, will forward the request to the IT manager for review and (dis)approval.
- Members of the IT system administration team are assigned a four-digit pin code necessary for accessing the server room.
- Access to the server room requires the member’s employee pass in combination with his personal four-digit pin code.
- Pin codes should be regularly changed.
- To access the server room, the member must first go through the adjacent computer room.
- Access to the computer room also requires authentication with the member’s pass and pin code.
- Access to the computer room is restricted to members of IT. These members will also be assigned a four-digit pin code for access to the computer room. They, however, cannot access the server room with their pin codes.
- In the case of maintenance of server room equipment by third party companies (such as China Telecom), the maintenance engineer must be accommodated by at least one member of the IT system administration team during the period of maintenance.
- One member of the IT system administration team must be assigned to the task of checking the server room on a daily basis.
- In order to prevent system malfunctioning due to overheating, the air conditioners in the server room must be configured to maintain the temperature at between 21 and 23 degrees Celsius.
5. Roles and Responsibilities
The Server Room Security Procedure involves the following roles and corresponding responsibilities.
|IT System Administration Team (SAT) (also System Team)||
|IT personnel (other than SAT)||
6. Definition and Abbreviations
Server: A computer which provides some service for other computers connected to it via a network.
Server farm: A server farm is a collection of computer servers usually maintained by an enterprise to accomplish server needs far beyond the capability of one machine. It also allows the distribution of tasks so that when one particular server (such as email) fails, the entire system is not stopped.
IT: Information Technology
SAT: System Administration Team
7. Procedure details
7.1. Procedure definition
7.1.1. Accessing the server room
IT SAT members access the server room at second floor by using their employee ID cards and the personal pin code assigned to them by the SAT team. Accessing the computer room and the adjacent server room both require authentication.
7.1.2. Requesting access to the server room
IT personnel that require access to the server room, but are not part of the SAT can request access to the server room. They should obtain the Server Room Access Request Form (TBD) from the IT helpdesk. After completing the form, the requester should submit the form to the IT helpdesk for further processing. The IT manager is responsible for reviewing and (dis)approving the request.
7.1.3. Checking and maintaining the server room
Daily checks must be performed by SAT in order to proactively identify possible problems that might compromise the system. If any vulnerabilities are identified, the SAT must take immediate action to address the issue. Moreover, SAT must ensure that sufficient disk space is available on the servers for normal operation. SAT must also ensure that the temperature in the server room measures between 21 and 23 degrees Celsius; proper climate control is a necessity.
7.1.4. Reviewing and updating the Server Room Security Procedure
Similar to other procedures, the Server Room Security Procedure must be regularly reviewed and adjusted to reflect the current conditions. The IT manager should first assess the changes that affect the procedure. Subsequently, he should edit the current version of the Server Room Security Procedure and replace it with the updated version.
7.2. Procedure flow charts
7.2.1. Accessing the server room
7.2.2. Requesting access to the server room
7.2.3. Checking and maintaining the server room
7.2.4. Reviewing and updating the Server Room Security Procedure