Home  ›  Server Room Hack Server Room Funny

Server Room Hack Server Room Funny

Written By terça-feira, 21 de junho de 2022 Add Comment Edit

Server Room Security

Posted by THEATRAIN

How secure should a server room be?

While at a user's desk the other day, I heard a door close somewhere in my vicinity.  I was a bit curious, because the only door near by is the door to my server room.  As I continue to work, I keep an ear out to see if I can find out who went into the server room.  Next thing I know, a woman walks out, ending a call on her cellphone.  I have encountered people in there before, behind the racks, using their phones.

My question is this:  Should I be concerned that people are allowed to sneak off to the server room to make personal phone calls and no one has ever batted an eye at this?  Should I keep the door locked?  Put up a sign?  Or should I just trust that the folks in accounting are not going to mess with the equipment?

check

  • Seriously though, since virtually everything that lives on a server is "sensitive", It should be locked.  Ideally, a coded lock with some kind of access control (like badges) lets you know who accessed the server room when.

    Was this post helpful? thumb_up thumb_down

    • View Best Answer in replies below

    158 Replies

    • Locked at all times, as-needed access.  They could do anything in there, from intentionally malicious to tripping over a power cable.  It's not any different than an a non-HR employee flipping through HR files while on a phone call.

      Was this post helpful? thumb_up thumb_down

    • I would suggest putting a coded lock on the door for sure. If someone trips a cable and knocks a system down they will call you and it will be your problem to resolve. If your bound by any compliance standards it's probably a requirement as well.

      Was this post helpful? thumb_up thumb_down

    • Definitely locked with limited keys.  At my place of employment there are only 2, I have one and so does the President of the company.  That is it and that is all.  Beyond that only 4 people are ever authorized to be in there without supervision from one of those same 4.

      Was this post helpful? thumb_up thumb_down

    • Locked at all times indeed. As mentioned above- anything is possible, corporate espionage [yes,  I tend to exaggerate :) ] or minor accidents or accidentally tampering the equipment. Put up a sign- Authorized access only or something and have a key-pad entry lock. No, you should not allow employee that have nothing to do with the Server or IT infrastructure to go into a Server room.

      Was this post helpful? thumb_up thumb_down

    • We have the Alarm Lock digital locks on there, same as the building, with a limited user base. It is audited, if needed, but it is mainly Myself, Management and the Managed Services that can get in. I don't need them accessing the shared drive folders that are restricted to them, messing with ports,9thinking they are fixing something) playing with the DVR for the cameras, or walking off with stuff. The last is just because of the extra supplies and machines in there, not a trend...

      We also have the intellectual property issue with some of our customers, so it is required to restrict access to the servers because of those files.

      Plus, it's My office! If I am in there, they can find me there with the door ajar, but when I am gone, I try to keep it closed. (Cool air staying in)

      Was this post helpful? thumb_up thumb_down

    • Keep it locked! I've heard a few horror stories, such as the cleaning lady who would unplug servers in order to use that power outlet for her vaccuum cleaner.

      Was this post helpful? thumb_up thumb_down

    • Keep it locked. Door locks with blood and semen recognition for access....

      Was this post helpful? thumb_up thumb_down

    • Locked at all times, if the contents of your server room are important to you.  Even if the person using it as a private area wouldn't touch anything or even know where to start, you don't ever want to take a chance.  All it takes is one vengeful employee...maybe you took too long at responding to their last helpdesk ticket...

      We use a coded lock on our server room door that only the 4 employees in IT know.  We also have a sign warning against unauthorized access and a sign-in list hanging by the door if anyone else (vendors, technicians, etc) need access.

      Was this post helpful? thumb_up thumb_down

    • I don't think it's okay for your server room to be used as a modern-day phone booth. While I doubt anyone would intentionally mess with the equipment, they could and that's not a chance I'm personally willing to take. There's also the accident factor. Someone could very innocently touch, lean, grab, trip on/over something important.

      How you secure it depends on your environment and industry. Being in healthcare with just under 80 users, I keep both my server room and wiring closet locked with only select individuals having access. You could get really fancy, however. :)

      Was this post helpful? thumb_up thumb_down

    • Oh my god, lock to door!  You can't have that!  I like the idea of a coded lock.  I just have a key entry on mine, but before my office moved we had a coded lock.  The coded lock just looks better and is cool.

      Was this post helpful? thumb_up thumb_down

    • I would suggest putting a coded lock on the door for sure. If someone trips a cable and knocks a system down they will call you and it will be your problem to resolve. If your bound by any compliance standards it's probably a requirement as well.

      I've never been a big fan of the coded lock as I find all to often eventually non-authorized people find out the code.  And even if you change it often it still keeps happening.

      Was this post helpful? thumb_up thumb_down

    • I agree with average response. Locked at all times with access only for those that need it. Chances are they will not touch a thing. But even then, people are good and tripping over or snagging cables with their elbows. It will be an honest accident, but it will result in a hassle for you that could have been easily avoided.

      Was this post helpful? thumb_up thumb_down

    • C_J wrote:

      Keep it locked! I've heard a few horror stories, such as the cleaning lady who would unplug servers in order to use that power outlet for her vaccuum cleaner.

      LOL. Many years ago, while I was just a project manager for the company and not the IT Tech, I managed to convince the owners that we needed to limit access and actually buy a server rack and tighten up security for something remarkably similar to that.

      The server at the time lived on a broken shelf on an old desk in the "server area" which was an alcove off the side of one of the main hallways. When the cleaning people came in and vacuumed, they would bump the shelf and it would pivot on the two un-broken pegs. Unfortunately it took actually witnessing what was happening to figure out that this coincided with the server lockups we were having.

      The next issue we had was that the guy who was the Administrator at the time didn't think we really needed an Admin Password... so it was rather charming to come in one Saturday and find the cleaning lady's grand daughter surfing who knows what on the Internet from the local console of the Server!!!

      Fortunately management took my concerns seriously and I got to buy my very first server rack and start instituting at least BASIC security.

      Man. I should have saved this story for an article for Eric LOL.

      Was this post helpful? thumb_up thumb_down

    • Nobody gets the code to the server room. If someone needs in they get escorted. I also don't want to be playing pocket pool looking for the keys if I need quick access to the rooms :)

      It's a valid point you bring up though, I'm sure it's a problem at some places out there.

      Was this post helpful? thumb_up thumb_down

    • ...But cutting through ours is the shortest path to half of the offices! So locking it would/has caused wars.

      Was this post helpful? thumb_up thumb_down

    • We must maintain HIPPA compliance it must be locked with no unauthorized access. This is not an option.

      Was this post helpful? thumb_up thumb_down

    • Locked.

      How is up to management, but it needs to be access-controlled. Keys to IT only, with a backup in the company lockbox.

      Was this post helpful? thumb_up thumb_down

    • doughnutdestroyer wrote:

      Keep it locked. Door locks with blood and semen recognition for access....

      That won't work for us admins with two X chromosomes.

      Was this post helpful? thumb_up thumb_down

    • Seriously though, since virtually everything that lives on a server is "sensitive", It should be locked.  Ideally, a coded lock with some kind of access control (like badges) lets you know who accessed the server room when.

      Was this post helpful? thumb_up thumb_down

    • Keep it locked and keep the key in a vault with access on a needs basis only. Whilst intentions might all be innocent, as has already been mentioned it's you that will have to sort out the mess when a cable gets pulled or a switch flicked, why out yourself through the misery?

      Was this post helpful? thumb_up thumb_down

    • Locked.......locked.....locked..... did I mention locked already?  locked.

      Was this post helpful? thumb_up thumb_down

    • Use a key fob, then an alarm system as well. Works wonders.

      Was this post helpful? thumb_up thumb_down

    • The funny thing is, a server room is the last damn place I'd go to make a phone call. Can't hear chit!

      Was this post helpful? thumb_up thumb_down

    • I also feel there should be video surveillance.

      Was this post helpful? thumb_up thumb_down

    • I agree. Locked with video surveillance. If your USB ports are active, anyone with some IT skills can hack into your server with a USB boot device.

      Was this post helpful? thumb_up thumb_down

    • I figured most of the replies would be a yes. I just needed to see it before I approach the bosses. Is a locked door not enough? I notice quite a few of you recommend using a number pad lock.

      Was this post helpful? thumb_up thumb_down

    • 1.  Server room door should be locked from the outside.

      2.  If budget is an issue thenslightly lower cost and maintenance than video or key fab = bio-metric locks.  They're surprisingly affordable, and your thumb is your key.

      3.  Door should close behind you automatically, spring loaded hinges or hydraulic closer.

      4.  Yes, USB ports disabled.

      ​5.  If servers are not in a rack, consider getting a rack with a lock and key there as well, it won't stop a determinedthief with a crowbar but it will prevent physical touching of the appliances.

      Was this post helpful? thumb_up thumb_down

    • 1. Locked. We use proximity badges and only a very limited number of people have access to the server room (all are approved by IT manager, facilities operations manager, and site manager).

      2. Video surveillance. We have several cameras in our server room so that no one can enter unseen.

      3. Doors automatically close. If they doors do not meet the strikeplate in a certain amount of time, security alerts start bombarding IT.

      Was this post helpful? thumb_up thumb_down

    • Our 2 server rooms are badge locked with needed people only having access. The problem is there are the security camera dvrs and work station and also the fire control system in those rooms. So it ends up with more people having access to the rooms than we probably should.

      Was this post helpful? thumb_up thumb_down

    • Yikes, locked.

      We keep the server room door locks on the 'master key' as well. That way people that hold masters can gain access in emergencies. (reboot servers, check blinky lights, etc.)

      In the 'old days' with an IBM sys 36, a workers' child pulled the master power switch. That changed a few rules.

      Was this post helpful? thumb_up thumb_down

    • C. Douglas Mays Jr. wrote:

      2.  If budget is an issue thenslightly lower cost and maintenance than video or key fab = bio-metric locks.  They're surprisingly affordable, and your thumb is your key.

      I can't even get approval for a $12 deadbolt.

      Was this post helpful? thumb_up thumb_down

    • Ours is locked, controlled access via door fobs.  Only 3 people's fobs are authorized and there are 2 keys (Office Manager and myself).

      Was this post helpful? thumb_up thumb_down

    • Locked at all times. We use a card-swipe system at my workplace for the server room/MDF; normal doorknob locks for all of our IDF's. At the server room we of course have a record from the card of who went in and when; even though you don't need it to get out we're supposed to also swipe then to have a record of us leaving. We're on camera the moment we enter.

      The policies are in place for everybody, from the system administrators, the CIO, the network administrator, etc. all the way down to lowly student workers like me. It is essentially unheard for any non-ITS staff member to be in there.

      As has been mentioned, the least of our worries are those with malicious intent. We'd have people tripping, unplugging, etc. all day long. The biggest worry, quite frankly, is that our fire suppression system can absolutely kill a person if they don't evacuate the room in time.

      Was this post helpful? thumb_up thumb_down

    • jbecker1563 wrote:

      Use a key fob, then an alarm system as well. Works wonders.

      This.   You can track who has been in and out as well as what times.

      Ours also has keys. Only three of us have access.

      Was this post helpful? thumb_up thumb_down

    • I have a Boss and he need to knock on the door for access.  Do I need to say more?

      Was this post helpful? thumb_up thumb_down

    • Locks are typically used to "keep the honest people honest".

      The whole point of a lock is to slow an intruder long enough to maximize their exposure, and hope that somebody notices that something is wrong.

      For example, if you're walking down the street, and you see somebody walk up to a car door, open it, grab something out of, and walk away.  You'd probably think "oh, that guy must have forgot his cell phone in his car".  But if you see him trying to jimmy the door open, or smash a window.  You'd notice something was obviously wrong with that picture and probably call the police or something.

      Spending a lot of money on a fancy lock is often pointless due to other factors.  At least have a cheap lock. I think surveillance is a good next step.  Even cheap DVR systems have an option for a door open/close sensor to log an event every time the door opens.

      Don't invest in a fancy lock that can easily be bypassed another way.

      Was this post helpful? thumb_up thumb_down

    • Locked.  Off-master with limited distribution.  Motion activate video camera is helpful.  Surprised environmental monitor wasn't mentioned (temperature, humidity, etc), such as something by ITWatchDogs.

      .

      jschadt wrote:

      .....our fire suppression system can absolutely kill a person if they don't evacuate the room in time.

      Excellent point!

      Was this post helpful? thumb_up thumb_down

    • It's not just HIPAA compliance.  There is also PCI and PHI as well.  A lot of people think that their business liability insurance will cover them no matter how stupid they are.  Not the case.  If, during an claim investigation, the underwriter determines that a business has not engaged in due diligence they might very well limit or totally deny a claim.  So it must always be locked with a access log maintained.

      Was this post helpful? thumb_up thumb_down

    • CC camera and Access control should be there.

      Was this post helpful? thumb_up thumb_down

    • Well i have to say, my server room does not have a lock on it, but since the only way into it is through my office, its not such a big deal. Since mine used to be a bathroom, with shower and all, it could be used for that. :)

      Was this post helpful? thumb_up thumb_down

    • I see two problems there.

      - You don't have a server room, you have placed a server in an public space with a door. If you don't own it, you get no naming rights.

      - (this is a general problem) Open spaces are invasive, people need their privacy. So they go wherever there's a door to have that privacy illusion.

      Was this post helpful? thumb_up thumb_down

    • I would definitely lock it. Cell phones in server room, just don't seem like good combination, as I would think the phones could make interference with the server electronics. I don't know how anybody could even use a phone in a server room as it would probably be loud. Keeping it unlocked your just waiting for trouble. I have never seen it, but I have read about in security books somebody could just act like their an it person walk in, unplug the server and walk out with it, and your data. Then your possible proprietary data is in hands of some criminal, not to mention things like compliance with regulations like alerting customers their data may have been stolen, and possibly HIPA compliance depending how your place does insurance.

      As for access in your case I would say depends on how many I.T staff you have. if just a few keys are probably fine, but maybe do a dual lock with 2 different keys to be safe. Or if you feel the need and have budget get some sort of electronic system. Biometric, code, badge readers, etc.

      Just as some opinion. There is a college in my area, at some point they were running a window AC unit mounted in the wall to cool the room. I took classes there for 3 years, I had a few friends in I.T dept., from a job shadow experience.  I looked outside one day, and noticed a piece of ply wood screwed into the wall covering the hole for what I think was an old AC unit. I didn't think much of at the time as it works, then I took security + class, and was like that's stupid somebody could just bust that, or undo the screws and get in the room, and maybe the building. The spring the last year I was there they finally got something a bit better and put some sheet steel over the inside too. They have grades, personal info, testing software servers in there (I found out  what the some of the servers in there were used for during an internship.) That fixed a lot, but I'm not crazy about the door they used either, as has big window, and is only wood, but it is also off an office of a teacher and theirs a bit better door with no window there. Server room also has a mini roll up door, as used to be a kitchen years ago, I guess they locked it shut, but still I personally wouldn't trust it, but that just has a classroom on the other side. I expect their ok, but If possible with security I would rather be over-protected than under-protected.

      Was this post helpful? thumb_up thumb_down

    • We used a coded lock as well. Have a sign-in sheet for Vendors and only 4 people have the code. We change it every 90 days along with passwords, Alarm codes, Etc. There is also a camera inside of the server room pointed at the door as you walk in (Infrared enabled).

      LOCK THE DOOR!

      Was this post helpful? thumb_up thumb_down

    • An unlocked computer room is a bomb waiting to explode. At my company, computer room is always locked. Access is permitted only with a personal rfid card and all racks are locked too. Even the door that the computer room is located, is not always open and always supervised by a technician.

      Was this post helpful? thumb_up thumb_down

    • Incase no one has mentioned it, keep that door locked :)

      Was this post helpful? thumb_up thumb_down

    • CCTV and biometrics security door access should be in place.

      Was this post helpful? thumb_up thumb_down

    • SZitguy wrote:

      We used a coded lock as well. Have a sign-in sheet for Vendors and only 4 people have the code. We change it every 90 days along with passwords, Alarm codes, Etc. There is also a camera inside of the server room pointed at the door as you walk in (Infrared enabled).

      LOCK THE DOOR!

      To add to this, all vendors are required to sign in before entering the building (they can't get through the lobby without a badge and an escort.

      Only people with access are allowed into the server room. All others must be escorted.

      Was this post helpful? thumb_up thumb_down

    • keep it locked and no body have an access to it except IT guys.

      Was this post helpful? thumb_up thumb_down

    • We have access control to all sorts of doors set via RFID in our ID badges. Only 6 people have access to our comms rooms, and no-one gets to go in there without one of us present.

      Was this post helpful? thumb_up thumb_down

    • So the server room aint too cold and way too noisy to have a phone call in anyway??

      But more seriously who know that the heck they are actually doing in there, moving cables about, dropping in sniffers, stealing spare kit??

      Inform mgmt/HR of the risks and get them to sponsor this...

      Big sign - No Unauthorised Access

      Lock on the door with limited keys

      WIndow in the door so you've got 1/2 a chance of being seen if you're lying under a pile of servers that just fell off the racks on ya

      Was this post helpful? thumb_up thumb_down

    Read these next...

    • Add duplex unit to non-duplex printer? HP M608

      Add duplex unit to non-duplex printer? HP M608

      Hardware

      When I purchased this HP M608 it was not available with a duplex unit due to supply chain issues.  Now I wish I had the feature.  Assuming I can find the correct part number, should I be able to add a duplexer now?  I would think so but I'm having issues ...

    • Need help getting a replacement laptop battery to Manilla

      Need help getting a replacement laptop battery to Manilla

      Hardware

      We have a programmer that is spending a couple months with her family outside of Manilla, Philippines. She has a Dell Precision M3800 laptop and the battery has failed. I am looking for some help or guidance in getting her a replacement. Local shops there...

    • Network mapping

      Network mapping

      Networking

      I'M looking for recommendations on a network scanning tool that hopefully won't cause too much disruption on the network and systems I'm inheriting, there is no pre-existing network map!Thanks

    • Spark! Pro Series - 21 June 2022

      Spark! Pro Series - 21 June 2022

      Spiceworks Originals

      Today in History: 21 June 1529 – Queen Catherine of England (Catherine of Aragon) speaks against her marriage's annulment at the Blackfriar's Legatine Court 1768 – 1st medical diploma in America is granted to D...

    • Snap! WinSvr update woes, Cloudflare, Jupiter, space junk, & skin for robots

      Snap! WinSvr update woes, Cloudflare, Jupiter, space junk, & skin for robots

      Spiceworks Originals

      Your daily dose of tech news, in brief. If you happen to be in the Northern Hemisphere, welcome to the first official day of summer (although living in Texas, it feels like it started weeks ago)! If you happen to not live in the Northern Hemisphere...

    rainesthilessen.blogspot.com

    Source: https://community.spiceworks.com/topic/423960-server-room-security

    0 Response to "Server Room Hack Server Room Funny"

    Enviar um comentário

    Subscrever: Enviar feedback (Atom)

    Iklan Atas Artikel

    Iklan Tengah Artikel 1

    Iklan Tengah Artikel 2

    Iklan Bawah Artikel