Imagine that, as a result of a reorganization of your company, many employees were dismissed. Then one night you are called and told that a server has failed. You arrive at the data center, open the door and find that the room looks like a battlefield. Two new SAN (Storage Area Network) racks lie on the floor. Yellow warning lights blink on the disk drives and controllers. The floor tiles have been pulled up, and a server has been thrown into the gaping hole. Backup tapes are scattered everywhere... It will take more than a day to work out which data you have lost and which can still be restored. The security staff found that the intruder got into the server room from an empty neighboring room that shared the same raised floor.
This case is invented, but something similar can happen in reality. Here is a real story on the same theme. Several years ago one of our company's critical standalone servers lost its connection to the network. We used domain accounts to log on to this machine, but now they were useless, since caching of account credentials on the server had been disabled. Our hopes of logging on with the local administrator account collapsed when we learned that someone had changed the password and had not written it down anywhere.
Using a program from a hacker website, we managed to log on to the server with administrator rights. Within literally a few minutes we were able to reconnect the server to the network. At first we were glad to have regained control of the server so quickly, but then we realized that in the same way anyone who wanted to could gain unauthorized access to the valuable corporate data on this server and cover their tracks by removing all traces of their presence. In principle, anyone who has physical access to the server can do this. Today there are various tools that provide even simpler access to a password-protected server.
The moral of these two stories is clear: physical security is absolutely necessary. You can close unused ports, run event-monitoring software and install all the necessary patches, but if criminals gain physical access to the data center, they can still cause real damage. Comprehensive protection of servers and the network therefore includes physical security.
Risk assessment
Determining the probability of an intrusion into the data center is not easy. To do so, consider several indicators.
Cases of unauthorized access at your company or at your competitors. If serious incidents have occurred at your company or at competitors, I hope that your management will allocate the necessary resources for protection against possible attacks. A change in the corporate security policy can be one of the steps taken to prevent attacks.
If the company has not previously suffered a physical attack, do not assume that luck will always be on your side. Even if the equipment is located in a safe place and you have good perimeter protection, a disgruntled employee can strike from within at any time.
Confidential data. Most major companies have such data. Credit card information, corporate financial records, client account information and personnel files are all restricted data. The greatest risk of unauthorized access is associated with this data, the most valuable the company holds.
Protective capabilities and the risk of detection. Knowing that the data center is well protected and that the risk of detection is high can be enough to make a criminal abandon the idea of an attack.
Competence of security personnel. The degree of risk to the company depends directly on how well the security staff are trained.
Employees' understanding of security measures. For a number of reasons I could not obtain the appropriate ID badge for several days. During this time company employees continually approached me and asked where I was going, where I worked and so on. These people were not security staff; they simply supported general corporate security.
Employee morale. Mass layoffs are frequently the cause of situations like the one described at the beginning of the article. When employees think that the company has betrayed them, they often see no reason to remain loyal. They may attempt to strike back by destroying confidential data or selling it to a competitor.
Geographical location and local economic conditions. Check the local crime statistics, taking into account the specifics of your region.
Do not be overconfident. The high cost of a security breach should compel you to take precautions, even if you consider the risk level to be fairly low.
The internal enemy
The best way to provide security is to picture the enemy and build defenses accordingly. Employees may have information about the location of the data center, the layout of the rooms and the security measures in place. They know which corporate data is especially valuable and can find a way to destroy it. Keep in mind that suppliers, cleaners, support personnel and contractors can also gain access to information "for official use".
If you build defenses against the internal enemy, only minor additions will be needed to protect against external attacks. The perimeter protection and data center safeguards that I describe are designed to prevent both internal and external attacks.
Perimeter protection
Picture your company's security perimeter in order to analyze the surroundings of the data center and assess the risks. The countless access-protection devices, including door locks, cameras, and motion and pressure sensors, can be confusing, and combining them into a single perimeter protection system is not easy. Below is a list of vulnerable points, with a security specialist's advice on eliminating them.
Locks and doors. A reliable lock on the data center door is the first line of physical security. Buy a combination lock that supports security at the user level. Set a different combination for each user and change the combinations periodically. Define a procedure for blocking the access of a user who leaves the company. Security experts do not recommend standard key locks or combination locks with a single combination, since they lack adequate logging capabilities, and losing a key or guessing a single combination is fairly easy. Use a lock with a privacy shield, so that only the user entering the combination can see the keypad.
Configure the lock to log the entry events of users entering the restricted area. Manufacturers offer locking systems that support logging. These locks have a built-in infrared (IR) port, which you can use to print the event log and the list of users. You can also use locks with magnetic cards and ID cards that support event logging. The main risk for any system that requires users to enter a code or present an ID card or key is that users who do not actually have access rights can nevertheless gain access.
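An added example, not from the original article: one way to review an exported lock event log against the list of issued credentials, flagging use of a departed user's credential, unknown credentials and bursts of denied attempts. The CSV layout, names, dates and thresholds are assumptions constructed for illustration; real locks export their own formats.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data (assumed layout): issued credentials and a lock event export.
ROSTER_CSV = """user,cred_id,left_company
alice,C01,
bob,C02,2024-03-01
carol,C03,
"""
EVENTS_CSV = """time,cred_id,result
2024-03-04 08:55,C01,granted
2024-03-05 23:10,C02,granted
2024-03-06 02:01,C03,denied
2024-03-06 02:02,C03,denied
2024-03-06 02:03,C03,denied
2024-03-06 02:04,C03,granted
2024-03-07 09:00,C99,denied
"""

def audit(roster_csv, events_csv, max_denied=3, window=timedelta(minutes=10)):
    """Return (time, cred_id, reason) findings from a lock event log."""
    left = {}
    for row in csv.DictReader(io.StringIO(roster_csv)):
        day = row["left_company"]
        left[row["cred_id"]] = datetime.strptime(day, "%Y-%m-%d") if day else None
    findings, denied = [], defaultdict(list)
    for row in csv.DictReader(io.StringIO(events_csv)):
        when = datetime.strptime(row["time"], "%Y-%m-%d %H:%M")
        cred = row["cred_id"]
        if cred not in left:
            findings.append((row["time"], cred, "unknown credential"))
            continue
        gone = left[cred]
        if gone is not None and when >= gone:
            findings.append((row["time"], cred, "credential of departed user"))
        if row["result"] == "denied":
            # Keep only denials inside the sliding window, then add this one.
            recent = [t for t in denied[cred] if when - t <= window] + [when]
            denied[cred] = recent
            if len(recent) == max_denied:
                findings.append((row["time"], cred, "repeated denials"))
    return findings

if __name__ == "__main__":
    for finding in audit(ROSTER_CSV, EVENTS_CSV):
        print(*finding, sep="  ")
```

A finding for a departed user's credential means the revocation procedure was not carried out on the lock itself, which is the gap the per-user combinations and logging are meant to expose.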
It is better to choose a door made of metal or solid one-piece wood: it must be strong enough to withstand a blow by hand. Reinforce the door frame and facing, position the hinges so that criminals cannot remove the door from the outside, or install non-removable hinges. Fasten the hinges and frame with long screws that reach into the wall. Weld the nuts of any bolts that come through to the surface of steel doors.
Fire doors and emergency exits. If the room layout requires an additional exit door, fit the door with a fail-safe device and a heavy-duty lock. Standard exit door mechanisms are vulnerable.
External signs. Signs and wall maps can lead a criminal straight to the door of the data center. If you need direction signs for visitors during an event, put them up for the period required and be sure to remove them afterwards.
Locate the data center away from the main flow of visitors, so that the presence of strangers is most noticeable. When hardware service staff visit the data center, an administrator must accompany them.
Take protective and packing materials to a waste container far from the data center. Empty computer equipment boxes stored outside the door are a clear sign that valuable hardware and data are inside.
Walls. Make sure that any external walls of the building that are also walls of the computer room are built from materials that can resist an external attack. During an attack, burglars frequently drive a stolen pickup truck into the building, fill it with goods and leave. The best protection against this type of attack is channel bars or pipes 10 to 15 cm in diameter, spaced up to 1.5 m apart, dug into the ground and set in concrete.
Security experts do not recommend putting windows in the internal walls or doors of the data center. External windows must be inaccessible from the ground, or else should be protected with bars or grilles.
Ceilings and floors. Burglars breaking into stores are known to have used the space of false floors to move unnoticed for just under a hundred meters. Extend the walls of the server room above the false ceiling and below the false floor so that they join the real ceiling and floor. In addition, to close off access for criminals, environmental sensors (i.e., gas concentration and temperature) are installed on the walls that extend to the real ceiling and floor.
Roof. If the data center is on the top floor of the building, criminals can get into the room through a roof vent or through the air-conditioning ducts. Secure the external roof vents and air-conditioning equipment with suitable grilles or additional bolts. Close off doors to the roof with grilles fitted with inconspicuous seals; check the seals regularly to make sure that no one has broken them in preparation for an attack.
Electric power. If the main switch panels are located near the data center (for example, outside, behind the door), move them or, if management agrees, lock them. One possible method of intrusion is cutting the power in the hope of disabling the alarm and other perimeter protection equipment. If you have a UPS for the servers, you can connect the access control equipment to it as well, so as to have some protection during a power outage.
Inside the data center
If criminals do get through the data center's perimeter protection, you can still detect their presence and detain them. I can recommend the following methods.
Electronic surveillance. A security professional can help you combine many electronic monitoring systems, such as cameras (both visible and hidden), video tape recorders, door switches, motion detectors, sound sensors, photoelectric beams, stud switches, infrared sensors and wireless technologies, into an integrated monitoring system. Keep careful track of the state and position of all the devices you have installed.
Console security. Some keyboards have protection that restricts users' access to specific systems. These access restrictions allow users to control only the machines they are permitted to use. Criminals can connect their own monitor, keyboard and mouse to a server to bypass this function, but this will take additional time, especially if the server room is properly locked.