With all of the recent security breaches to high-profile computer networks, small and large businesses alike are ramping up their own security efforts with firewalls, encrypted content and other sophisticated measures. Still, many companies are overlooking some of the most obvious security measures and leaving their networks vulnerable. Physical security is just as important as virtual security and require different sets of expertise. While virtual security should be handled by an IT Expert, your server’s physical security should be handled by a licensed Commercial Locksmith.
Here are 10 “offline” ways to protect your online network:
1. Install commercial door hardware on the server room.
Your server room is essentially the central nervous system of your company—you become paralyzed without the data and equipment stored within. Without high quality, commercial grade locks, you are leaving your data center and physical network vulnerable to an attack. Any passerby with sticky fingers could help themselves to any of the routers, cables, switches or other components located in your server room. What’s more, a disgruntled employee could cause serious damage to any of the equipment if the room isn’t secured whenever it is unoccupied. Even with commercial door hardware, it is important to have policies in place regarding who is allowed access with a keycode or key.
Still, employees with access to your network room might abuse their access privileges. For this reason, it is recommended that you keep record of anyone who enters and exits your server room. Incorporating an identification system into the locking mechanism takes your security to the next level. Using smart cards, employee specific codes or even biometric scans to unlock the door creates a record of anyone who enters as well as what time they accessed the room.
2. Install a surveillance system.
It is also a good idea to install a video surveillance system in your network room. Ideally, the camera should be located where it is unnoticeable and/or difficult to disable or tamper with. In the event that an electronic access card is lost or stolen, you can still identify intruders using the video surveillance. The type of monitoring you choose will depend on the sensitivity of the information located within your network room. You might want a motion activated video camera or one that monitors continuously. In some cases, you may even want to set up your surveillance system to e-mail or text the appropriate person if the room is accessed after-hours.
3. Keep other vulnerable equipment in locked up.
Your server isn’t the only potential security threat to you network. Hackers can use unsecured hubs to access network data simply by plugging a laptop into it. All of your network equipment should be locked up. If your office is too large to house everything in a single server room, make sure that additional equipment is locked up in other parts of the building.
4. Mount servers on racks, not towers.
Rack mount servers can be closed, locked and bolted to the floor. This makes it nearly impossible to move or steal the equipment secured within. Tower servers typically cannot be fortified the same way.
5. Lock computer cases.
Bolting server racks to the floor prevents would-be thieves from taking the entire network computer, but it they could still remove the hard drive and walk out with it in a briefcase or a coat pocket. If your server has a locking case, make sure that the lock is engaged and the keys are kept in a separate, secure location. If your equipment does not have locking cases, locking kits for computers are available at very reasonable prices.
6. Secure workstations.
Empty workstations also pose a security threat to your network. Be sure to disconnect or remove any equipment in unoccupied cubicles when an employee takes an extended vacation or leaves the company. This makes it more difficult for hackers to breach your network and gain access to sensitive information. Employees that are lucky enough to have an office instead of a cubicle should always lock their office doors when they leave. Computers that are out in the open, such as at a reception desk, should be equipped with biometric readers or smart cards to prevent unauthorized users to log on to the network—passwords often aren’t enough.
7. Lock up laptops and other portable devices.
Laptops, tablets, smartphones and any other portable devices with network access should never be left unattended. Employees should lock them in a drawer, secure them to the desk using a cable lock or take the computer with them when they leave their desk for an extended period of time, whether for lunch or a meeting.
8. Don’t forget about printers.
Most people don’t realize that printers store documents in memory. If a printer is stolen, hackers can access the memory and can often print out additional copies of documents that were recently printed. Like laptops and other equipment in workstations, printers should also be locked up or bolted down. It is also a good idea to keep a shredder next to printers so that employees can immediately destroy extra copies of sensitive documents or those that didn’t print exactly right.
9. Protect backup data.
Everyone knows that how important backing up data is. In the event that data needs to be restored to a network, it is very convenient to keep that data in the server room. This is the worst place to keep it, however. Backup servers, external hard drives or discs can be destroyed along with the rest of the equipment if there is a fire or flood in the office. Discs an drives can also easily be pocketed and stolen. It is imperative to protect backup data by keeping it in a secure, offsite location. Many companies utilize cloud services for data backup for this reason.
10. Prevent data transfer.
Both authorized and unauthorized employees are often responsible for stealing and leaking confidential information kept on a network. You can prevent this by disabling USB ports on their computers so they can’t plug in a flash drive to transfer data and/or disconnecting internal CD drives.
Get Started Today
Physical security is just as important as virtual security. Contact our team at Great Valley Lockshop at (610) 644-5334to get started by securing your server room. As a full-service commercial locksmith, we can customize a master key system to fit the unique security needs of your building and keep your network physically safe.