Data center security — what advice would you give?

4280 pts.
Data Center management
Data Center Security
Security management
We've all had our share of "I wish someone would have told me" moments. If you could give advice to someone who is green in data center security, what would be your best piece of advice? What's something you wish someone would have told you early on?

Answer Wiki

Thanks. We'll let you know when a new response is added.

Typical Infosec security definition: Confidentiality, Integrity & Availability –

Availabiliity – Power & connectivity.

Be sure that redundant power supplies are actually plugged into separate power sources. Plugging dual power supplies into the same power bus is inviting failure.

Connectivity – don’t skimp to begin. Be sure that the users have a good experience from the beginning. Adding capacity can take 30 days or more so a bad end user experience could last for a while if not enough capacity is provisioned up front.

Confidentiality – be sure that who can access the systems is who they say they are and that they are limited in what they can do according to company policy and procedure.

Integrity – backups should be stored separate from the equipment. Don’t store the media in the same location as the data. Test the backups regularly to ensure they are doing what you think they are doing.


Physical access control – Access should be restricted to those who really need to be there, and sign-in procedures should be implemented for visitors. Also, food, drink and smoking must be prohibited inside the data center, and the data center should be monitored by CCTV cameras.

Discuss This Question: 5  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • JennyMack
    Thanks Labnuke, that was a great answer!
    4,280 pointsBadges:
  • JennyMack
    Mrdenny, I saw that you changed Labnuke's answer from testing backups "occasionally" to "regularly" -- a valid point. What kind of schedule would you advise?
    4,280 pointsBadges:
  • Kevin Beaver
    I'd add including data centers in your risk assessments. They're often overlooked while, at the same time, are often creating many risks to the business.
    27,550 pointsBadges:
  • Denny Cherry
    Backup tests should be done at least monthly, and preferably be automated so that they aren't skipped when people are out on vacation, etc.
    69,130 pointsBadges:
  • itgPaul
    There's some great advice in this post but something that hasn't been covered is Risk Assessments. Taking the time and due diligence to fully examine the data center to ISO 27001 standard looking at the risks your center could face and applying the appropriate controls will certainly help safeguard your system. See our blog/store for more advice and info
    35 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: