Server Room Security
I'm just looking to get an idea of how other schools do this but please could you let me know how you secure your server rooms. For example do they have windows, one door or more for entry, are they part of a fire escape route etc, how many people have a key, what type of door(s) secure the room?
What would be the best practice that you would follow?
Ours is off a corridor but you have to go through our store room to get it to it and both doors have keycoded pads on it and both numbers are different. Only people who know the code are IT staff / Premises
Mine has a front and back door, no windows. The doors are reasonably solid interior doors. I have a key, as does the Bursary, and anyone with a submaster key.
It is not used as a route for access to anywhere else and there are signs on the outside of each door saying that thoroughfare is not permitted. This is quite easy to enforce as I have line of sight on the front door in my office, and a webcam running motion 24/7 for anyone who slips past.
The cabinet itself is also locked at all times with a key that only myself and the Bursary have access to.
First floor, one door, no windows. I have a key, senior management have master or sub master keys which would open the door. Server room is next door to my office, both rooms located in Senior Management corridor which is protected by swipe card locks.
Internal room, no windows. Protected by cardswipe/PIN entry. Line of sight from our office. PIR just outside the door for alarm protection overnight etc.
Internal room, locked, no windows (except for 2008r2 on the server :getmecoat:)
So far, so good...
On a main thoroughfare, key hangs on a hook just above the door:p
Server in locked comms cabinet - key in lock...
To be fair, it's one of two rooms which are ever locked, the other being the cleaners' cupboard with the hazardous cleaning chemicals in it.
Maybe time to update security protocols.
Ours is on a dead end corridor that only a few support staff would have reason to go down, in fact I suspect most staff are not aware that the room is there. Only the IT support staff and the Site staff have a key and site staff know they are not allowed to let anyone into the room without letting us know.
Room is on the first floor with no windows in almost the dead centre of the building, and there is no outward sign of its use or purpose. We keep the cabinets locked and only IT support have keys: although it wouldn't take much to force them, they are very poor quality (not my call, that one).
I have thought about setting up an IP camera to monitor the door, not got round to that yet, but we do have a door open sensor rigged (part of our environmental monitoring) which is monitored on a screen in our office.
Best practice... make it nice and secure. Solid fireproof door with a few of people having unlocking ability, minimal access via other routes (including via floor/ceiling). In the old days you would also ensure it had both a great air extraction system, but that it could also be sealed off so the halon was not a hazard to anyone else when it "accidently" got activated.
In reality, anywhere you can fit the kit.
Ours is directly off our office (so you first need access to our office, before you can even consider getting to the server room!), internal room, first floor, no windows, behind a locked door that only me, my team, and the site team have a key to. CCTV in the server room itself, focused on the door.
Most primary schools will say it's in the IT suite that may or may not have a lock on the door. I'm not saying where ours are... this isn't BTRD! (But we don't have an IT suite now and it wasn't in there anyway!)
Ours is next to my office with one door bars on the windows only 2 key holders me, my technician with 2 CCTV cameras.
Two door into the room and no windows. First door is observed via CCTV and the second door is controlled via SALTO access control lock. Staff are allowed access that need it and contractors are assigned cards if needed.
We're currently relocating our server cupboard (our current one has a ceiling that leaks water), so I'm thinking about this, too. I'd like card-based access control on the door to the server cupboard with a CCTV camera covering the door, too.
Originally Posted by Badaz52
We keep our offline backups in a cupboard in the basement of a church located in a very expensive part of Knightsbridge, just behind Harrods, largly populated by wealthy foreigners. The cupboard is locked with a key, the basement with a keypad, and there is a double-door "mantrap" entrance to the building, each door with its own separate keypad code and CCTV. Outside, there are generally 3 or 4 private bodyguards wandering around (generally using the entrance to the building to have a crafty smoke out of site of their boss), and we are assured that the vicar of the church has no previous convictions. We figure that should be enough protection for a small box of backup tapes.
Our server room is a ground floor room, single solid fire door entrance, a row of small high level windows.
Door is protected with a SALTO handle and only relevant IT staff and Site Manager has access.
If it were required door also has a manual lock on for additional security.
May I suggest if you do CCTV looking at server room you also store this video off site and local.