“If you don’t maintain physical security in the real world, any and all safeguards you erect in the virtual world may be meaningless.”
That’s a compelling line from Ed Tittel’s article at SearchSecurity.com.
For Datacenter, server, and other sensitive information technology, it seems as if the security focus has sometimes missed the actual servers themselves. As Tittel says in the piece, “…just about any Windows NT, 2000 or XP laptop, booting this software (NT Locksmith) from a floppy permits a knowledgeable Windows person to take over the machine and reset the administrator password in 5-10 minutes.”
More or less, Tittel says, any savvy systems admin or criminal who can gain physical access to a computer can take that machine over — easily and quickly. He can get into anything he wants, set passwords, install programs, steal data, copy drives, sabotage or otherwise engage in anything he wants to — in less than 30 minutes under most circumstances.
There are good reasons to beef up physical datacenter security beyond this issue.
People can and do steal servers. I’ve heard of cleaning crews inadvertently doing damage while working near sensitive equipment. Also, clients like to see physical security. They like to know their data is as safe from a thief in your town as it is from a hacker ring in Uzebekistan. Read Ed Tittel’s piece if you have to secure a server room, datacenter, or other sensitive equipment.
Precautions such as video surveillance, secure rooms, guards, biometric locks, wire security partitions, and other measures are often relatively inexpensive and can give you the peace of mind you need.
Scott Stone Cisco-Eagle's Director of Marketing. He has over 25 years of experience in the industry.