Home > IT Answers > DataCenter > SAS70 audit for Data Center
Beatrix Kiddo
60 pts.
0
Q:
SAS70 audit for Data Center
Data Center, SAS 70, Auditing, IT audit, Data Center Audits
The electrical network that feeds the access points, CCTV cameras, intruder detectors, etc. must need to be independent from the electrical system that feeds the computing equipment?
Is it right to ask if the logs of access point are backed up and kept in a secure place? what about the videos that cameras are recording? those have to be backed up and store?
The data network by were the access points sends the information has to be independent from the data network of the computing equipment?
Independent=physicaly independent.
Thanks,
ASKED: Jun 25 2009  3:11 PM GMT
0
Labnuke99
26360 pts.
0
A:
 RATE THIS ANSWER
0
Click to Vote:
  •   0
  •  0
  • AddThis Social Bookmark Button
This sounds like a highly secure (military grade) level network. Is that the case?

Physically separate may not necessarily be the right answer as a network can be logically separated using techniques like:

encryption
separate subnet
different protocol

Are you being challenged to provide this separation or are you doing the auditing?

In the IT trenches? So am I - read my IT-Trenches blog
Last Answered: Jun 26 2009  1:23 PM GMT by Labnuke99   26360 pts.
  •   
0
0
RSS - Discussions Help
Discuss This Answer:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _



_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

Beatrix Kiddo   60 pts.  |   Jun 27 2009  10:30PM GMT

I’m doing the auditoring,

 

Troy Tate   0 pts.  |   Jun 29 2009  12:04PM GMT

Consider the risks to the organization and/or data for separation of networks/services. Also consider costs vs value of systems/data. The logical vs physical separation may be the best approach. Physical separation can be more expensive and create additional management overhead. Logical separation also has management overhead but may be easier to cost-justify.

 

Beatrix Kiddo   60 pts.  |   Jun 30 2009  3:20PM GMT

In the case of an IPS with several SLAs would be a good idea to consider a separation?

 

Troy Tate   0 pts.  |   Jun 30 2009  7:36PM GMT

Depends on reliability of the IPS and ability to meet the SLA’s. Cost of additional IPS’s or staff support should also be considered for separate systems.

 
0