Educause Security Discussion mailing list archives
Re: Physical Security During Construction?
From: Bill Terry <wterry () BARD EDU>
Date: Sun, 23 Aug 2009 09:30:43 -0400
All -

While I generally agree with Hugh's list, below, one may find that escorting workers in and out may be unmanageable. That being the case you may consider - vendors and sub-contractors need to be on-board with the list below - perhaps signing an agreement as part of the contract. Depending on the size of the job, foremen and / or all workers could have a temp ID for data center door(s). You may consider getting the workers to wear picture company IDs and wear shirts that identify the company.

Accidents will happen, not just with vendors. I have seen skilled electricians and HVAC teams, working for our institution and extremely familiar with our equipment and procedures, bring down entire large data centers. While such events are not encouraged, they certainly can be a chance to test and review emergency operations and disaster recovery.

Planning, communication (both ways), understanding, and humor are key. Also pays to identify contact personnel for the project including computer center, Facilities/B&G/ and the vendor as well as campus security.

I've led or participated in three or four of these and am starting another. With adequate planning, communication (both ways), understanding, and humor, most happen without a hitch.

Bill Terry
Bard College

Hugh Burley wrote:
Availability has been the most significant risk I have seen with construction workers over the years. Accidental power and cooling disruptions being the two I have personally experienced.

I think the most important things to ensure are that you are aware of who is on-site, when they are entering and leaving the data centre, what they are doing, and that all workers entering the data centre are aware that they are working in a fragile environment.

IT staff should escort workers in and out of the data centre, especially first thing in the morning and at the end of the day.

Things construction workers need to be told:

- Anyone entering the data centre must be bondable
- Anyone touching any console will be barred from future access to the data centre
- Only IT staff may move network, and server hardware or peripherals
- Use utility power not data centre power for tools (ensure these are clearly marked)
- Ensure dust and metal particles are kept separate from servers (plastic barriers should be in place)
- Ensure the data centre is professionally cleaned (daily if possible during construction)
- Ensure that servers, data cables, and power cables are not accidentally bumped
- Ensure that no changes to power are done without a full explanation to and approval from IT
- Ensure that room temperature is maintained or systems are shut down prior to A/C disruptions
- Ensure IT staff are available for system startup and shutdown

Hugh Burley
Thompson Rivers University
ITS - Senior Technology Coordinator
Information Security
BCCOL - 222D
250-852-6351

>>> "Michael J. Wheeler" <mwheeler () PITTSTATE EDU> 22/08/2009 9:29 am >>>

We will be undertaking a construction project in our datacenter. The doors to the data center are currently protected by PROX-locks. Walls will be built, new A/C system installed, as well as new electrical wiring. Obviously, this will be a project that runs over a relatively long period of time -- especially with the requirement that we maintain operations during the construction.

Has anyone gone through a similar project while keeping the data center up and running? How do you handle the physical security while construction workers are coming in and out? We had planned on issuing them PROX-cards that were only good during business hours and making them swipe every time they came in. But, what about while they are in there working? We do not have cameras in the data center, and I can't imagine having an FTE dedicated to sitting in there and 'babysitting' them for the duration of the project.

Do you just intrinsically trust your contractors, their sub-contractors, and sometimes their sub-contractors? General security practices say "heck no!", but I was wondering what others have done in this scenario.

--
Michael J. Wheeler
Assistant Director, Systems and Networking
Pittsburg State University
Phone: 620-235-4610
E-mail: mwheeler () pittstate edu