{"id":239,"date":"2020-03-11T18:16:38","date_gmt":"2020-03-11T16:16:38","guid":{"rendered":"https:\/\/tekmart.co.za\/t-blog\/?p=239"},"modified":"2020-03-11T18:17:15","modified_gmt":"2020-03-11T16:17:15","slug":"improve-server-rack-physical-security-with-iso-standards","status":"publish","type":"post","link":"https:\/\/tekmart.co.za\/t-blog\/improve-server-rack-physical-security-with-iso-standards\/","title":{"rendered":"Improve server rack physical security with ISO standards"},"content":{"rendered":"<span class=\"span-reading-time rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">Reading Time-approximately:<\/span> <span class=\"rt-time\"> 3<\/span> <span class=\"rt-label rt-postfix\">minutes<\/span><\/span>\n<h2 class=\"wp-block-heading\"><strong>Safeguarding information access is  essential to data center operations. With ISO Standard 27001 and the  right locking mechanisms, you can prevent a security breach at the  server hardware level. <\/strong><\/h2>\n\n\n\n<p> By <\/p>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"https:\/\/www.techtarget.com\/contributor\/Brien-Posey\"><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/onlineImages\/posey_brien.jpg\" alt=\"\"\/><\/a><\/figure>\n\n\n\n<p><strong>Brien Posey<\/strong><\/p>\n\n\n\n<p><strong>Microsoft MVP &#8211;  <a href=\"https:\/\/searchdatabackup.techtarget.com\">SearchDataBackup<\/a> <\/strong><\/p>\n\n\n\n<p>\t\n\t\n\tPublished: <a href=\"https:\/\/searchdatacenter.techtarget.com\/archive\/2019\/10\">17 Oct 2019<\/a><\/p>\n\n\n\n<p>Organizations use a variety of mechanisms &#8212; such as biometric locks \nand keycards &#8212; to secure physical access to their data centers. 
But it \nis equally important to implement physical security at the rack level.<\/p>\n\n\n\n<p>Server rack physical security is often associated with the use of <a href=\"https:\/\/www.computerweekly.com\/opinion\/Choosing-the-right-colocation-provider\">colocation facilities<\/a>.\n Organizations that lease space within a colocated data center sometimes\n erect fences as a way of restricting physical rack access. Because of \nthe cost of floorspace in a colocation facility, however, organizations \nare increasingly abandoning the fence in favor of rack-level security \nmechanisms. In doing so, organizations can reduce the amount of \nfloorspace they need &#8212; decreasing overall costs to rent space.<\/p>\n\n\n\n<p>Data centers can see a surprisingly high volume of foot traffic as \ntechnicians come and go, performing various installations, maintenance \nor upgrade-related tasks. Physical security mechanisms help ensure that \nanyone who has access to a data center &#8212; legitimate or not &#8212; cannot \naccess unauthorized hardware. Besides restricting access to systems that\n contain sensitive information, server rack physical security systems \nhelp prevent hardware theft.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Server rack physical security standards<\/strong><\/h3>\n\n\n\n<p>There are different standards that establish best practices for how the data center should be secured. <a href=\"https:\/\/whatis.techtarget.com\/definition\/ISO-27001\">ISO 27001<\/a>\n is one standard that addresses far more than just physical security. \nThe standard outlines an overall IT approach to security that is based \non risk assessment, security controls and management practices; each \ncomponent ensures that admins implement security measures in a \ncontrolled, uniform manner.<\/p>\n\n\n\n<p>Admins can use ISO 27001 as an overarching IT security standard, but\n it also directly addresses server rack physical security in the data \ncenter. 
Its main guidelines cover actions for data center surroundings, \ngates and perimeters. The standard also outlines considerations admins \nshould evaluate during an environmental risk assessment.<\/p>\n\n\n\n<p>Just as there are standards such as ISO 27001 that outline best \npractices for physical security within the data center, admins might \nneed to also consider industry-specific regulations as part of their \nsecurity strategy. For example, HIPAA part 164.310 (a) (1) for covered \nentities requires organizations to \u201cimplement policies and procedures to\n limit physical access to its electronic information systems and the \nfacility or facilities in which they are housed, while ensuring that \nproperly authorized access is allowed.\u201d<\/p>\n\n\n\n<p>HIPAA does not specify which <a href=\"https:\/\/searchsecurity.techtarget.com\/news\/1067095\/HIPAA-security-rules-explained\">physical safeguards<\/a>\n organizations must use, but the law clearly requires covered entities \nto take reasonable measures that limit physical access to information \nsystems.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Lock options for rack servers<\/strong><\/h2>\n\n\n\n<p>In addition to securing data center access, there are many \nmechanisms that restrict physical access at the rack level. A good \noffering should be cost effective and strong. It should also log access \nand grant access only to those with a key or a PIN.<\/p>\n\n\n\n<p>One example of a server rack physical security offering is Rack \nArmor. Rack Armor is an IDenticard-based offering that creates a log of \nwho has unlocked a server rack, when and for how long. 
Rack Armor also \nincludes <a href=\"https:\/\/searchitoperations.techtarget.com\/tip\/Prioritizing-alerts-with-server-monitoring-tools\">an alerting mechanism<\/a>, and admins can remotely lock or unlock server cabinet doors if necessary.<\/p>\n\n\n\n<p>Admins seeking a more cost-effective option might opt to instead use\n a simple locking mechanism, such as the Secure Server Unit from Rack \nSolutions. This security hardware establishes keyed access to servers, \nwhile blocking access to ports and hard drives.<\/p>\n\n\n\n<p>Another option is the db BioLock from Digitus Biometrics, which is based on <a href=\"https:\/\/www.biometric-solutions.com\/fingerprint-recognition.html\" target=\"_blank\" rel=\"noreferrer noopener\">fingerprint recognition<\/a>,\n adding another security layer. The company also offers the db ELock. \nThis server cabinet lock secures data center resources with multi-factor\n authentication. The lock can use a combination of fingerprints, \nkeycards, iClass cards and traditional keycards.<\/p>\n","protected":false},"excerpt":{"rendered":"<p><span class=\"span-reading-time rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">Reading Time-approximately:<\/span> <span class=\"rt-time\"> 3<\/span> <span class=\"rt-label rt-postfix\">minutes<\/span><\/span>Safeguarding information access is essential to data center operations. With ISO Standard 27001 and the right locking mechanisms, you can prevent a security breach at the server hardware level. 
By Brien Posey Microsoft MVP &#8211; SearchDataBackup Published: 17 Oct 2019 Organizations use a variety of mechanisms &#8212; such as biometric locks and keycards &#8212; to secure physical access to their<\/p>\n<p><a class=\"more-link\" href=\"https:\/\/tekmart.co.za\/t-blog\/improve-server-rack-physical-security-with-iso-standards\/\">Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,19,5,16,22],"tags":[],"class_list":["post-239","post","type-post","status-publish","format-standard","hentry","category-data-center-hardware","category-data-centre-servers","category-engage-the-experts","category-how-tos-and-other-useful-tips-and-tricks","category-server-hardware"],"_links":{"self":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts\/239","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/comments?post=239"}],"version-history":[{"count":1,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts\/239\/revisions"}],"predecessor-version":[{"id":240,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts\/239\/revisions\/240"}],"wp:attachment":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/media?parent=239"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/categories?post=239"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/tags?post=239"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}