• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3107
  • Last Modified:

Server room policies and procedures

I am on a project to develop a set of policies and procedures for the server room, as well as post up a nice laminated set of emergency info.
Does anyone have experience/templates for something like this?
0
Geneyes008
Asked:
Geneyes008
1 Solution
 
Brian BIndependant Technology ProfessionalCommented:
You'll probably find a lot of different ideas online. However best suggestion I can give you is make sure you have a book of instructions and it is up to date! Its no good if procedures have changed and you can get to the server to download them.

Biggest one for me in the server rooms I have set up is instructions on how to shut down and power up the servers. Next would be emergency contacts.
0
 
dr_shivanCommented:
TBone2k is right,
There's a whole list of documents and policies available from do's and dont's, staff/visitor access, equipment installation/removal to emegency procedures ie disaster. Do a search online and you'll be presented with a whole load of them.. SANs would provide a good idea for a start
http://www.sans.org/security-resources/policies/
0
 
smconsultCommented:
Our laminated "Emergency Sheet" in the server room has my contact info, as well as my boss and my junior tech.  After that, I made sure that the vendors who fuel our generator, fix the HVAC system, maintain the UPS, maintain the fire alarm, and the building management are all on there.

Like the others said, a policy book is good - we have one - but it's useless if it's not kept up to date.

Visitors - our whole suite is secure, and nobody goes in unless they are escorted by me or another manager, so we don't really keep a visitors log.  Plus, the entire room is covered with recorded video, so we can always look back on that if we need to.

Individual "shut-down/start-up" procedures...  those who are entrusted with that should have that info, but I wouldn't leave mine in the room.  I'd make sure those who are expected to do so have their own copies, and keep it secured (since it probably also has access control information, like passwords).
0
 
Brian BIndependant Technology ProfessionalCommented:
smconsult has a point about passwords. I suppose most of us have the critical passwords in our head. However that is not foolproof.

As for shutdown procedures, they require passwords. Besides an electronic version, the master list of passwords, along with the "administrator" password (we each have our own domain admin accounts) is stored in a safe on the other side of the building... but this is getting off topic.

Putting the passwords on your startup/shutdown procedure is up to how safe you feel the documents are going to be kept.
0
 
Geneyes008Author Commented:
I was looking for something a little more in depth.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now