Your data center hosts critical data and contains your core assets, including customer information, intellectual property and other business-critical data. And with emerging trends such as Big Data, bring-your-own-device (BYOD) mobility and global online collaboration sparking an explosion of data, the data center will only become more important to your organization and will continue to be the target of advanced malware and other cyber attacks.
Without wasting much time, let me provide you the checklist for data center safety review and audit.
- Server racks must be well strong enough to carry heavy weight hardwares.
- Server racks must be locked with keys.
- In order to maintain the cooling mechanism, check all fans are functional in the server racks.
- Physical security of server room is mandatory using physical locks.
- Access control must be implemented using biometric human verification along with strong password.
- Except networking team and security vendors no other person should allowed entry in the data center.
- For trouble shooting purpose if security vendors are allowed to data center, there must be at least one person from the organization's networking team in order to keep a track record of vendor's activity.
- In case of electricity failure emergency lights & cooling mechanism must be implemented.
- Pest control mechanism must be implemented within the server room.
- Inventory for entry and exist must be maintained physically within the data center. A backup copy of that physical inventory must be created using spreadsheet in the computer.
- Along with entry and exist, access logs must be maintained properly. For an example, if network team needs to access the particular device/firewall/server, below entry must be logged phyiscally in the inventory.
- Which physical device needs to be accessed by the person
- Purpose of accessing physical device
- Duration of accessing physical device
- For critical operations - Is permission granted by his/her superior to do such?