Home > Articles > Security > Network Security

  • Print
  • + Share This
Like this article? We recommend

Physical Standards for Large Installations

Large equipment installations of all types present an entirely different sort of problem and should be protected much more intensively. The remainder of this section deals with physical and environmental standards for large or mission-critical installations.

Access to Equipment Areas

The standards document should bar all unauthorized individuals from equipment rooms and computer centers unless they have a documented reason to be there. This restriction includes other employees as well as visitors of all types. The room should employ additional protection, such as locks on the door, cipher locks, and other improvements. Just like the computer center, any large glass areas in the building should be considered for either reinforced glass or masonry to prevent damage from outside sources or intrusion.

General Housekeeping

In terms of housekeeping in the large network installation, a number of items should be mandated. This includes a ban on eating, drinking, smoking, or open flames of any type within the large network location.

Evaluation of Power

Power and environment for large network locations must be tested thoroughly. In areas where mission-critical applications are supported by large-scale systems, the use of such precautions as uninterruptible power supplies should be considered seriously.

Fire Protection

Fire extinguishers, fire alarms, Halon, etc., for any large-scale system should be on a par with or equivalent to those of large computer centers, which provide similar functionality in terms of mission criticality. This rule includes your PBX room and other telecommunications installations. Your standards should address smoke and particle detectors, fire escape plans, moisture detectors, dry-pipe sprinklers, Halon systems, and other miscellaneous items. You may also need to include such steps as labeling water pipes for fast shutoff in the event of a leak in the equipment room. Other items that we’ve seen in such plans typically include sheets of plastic or equipment covers, which can be thrown over equipment quickly in the event of any type of water problem in the building.

Change Control for Mission-Critical Equipment

Any mission-critical equipment (mainframe, open system, or telecommunications) should employ change-control management, including a list of persons authorized to make major software changes. Such standards should also include procedures for the password protection of maintenance functions, particularly those accessed from offsite. Procedures should be in place that require a full backup prior to any major software changes, to allow for fallback in the event that something goes wrong.

Disposal of Confidential Materials

Other items may also be included in the physical standards section, such as how to dispose of confidential materials. It’s imperative that anything containing an access code or other confidential information be shredded, just like in the computer room, to avoid the chance of that data being intercepted by "dumpster divers," who delight in going through corporate trash and selling items of value to the highest bidder.

  • + Share This
  • 🔖 Save To Your Account