server security
Right now our Dell Server is in a room that is accessible to many people. I don't have a better place to put the server since it needs multiple network cables plugged into it for redundancy. Directly behind the server are 8 wall ethernet ports. I don't have that kind of config anywhrere else in the office. My question is how to secure the server in an area like this? Should I put it in a cage or something like that? Not sure. I want it to be locked and also that someone would not be able to come in and take it our of the building.
ASKER
anyone else?
It's up to you how much you want to secure it. Not us.
You can build a secure room. You can put it in a cage secured to the floor or wall. You can get rid of it entirely and go to the cloud. At a minimum if you can't physically secure the server to your satisfaction, you should be securing the data - the server should be encrypted. And you should have a good, reliable, TESTED, backup/disaster recovery option in place so you're not out of business if the server was stolen... or destroyed in a fire. Or something else.
You can build a secure room. You can put it in a cage secured to the floor or wall. You can get rid of it entirely and go to the cloud. At a minimum if you can't physically secure the server to your satisfaction, you should be securing the data - the server should be encrypted. And you should have a good, reliable, TESTED, backup/disaster recovery option in place so you're not out of business if the server was stolen... or destroyed in a fire. Or something else.
ASKER
We have an offisite Veeam DR solution in place right now. So your saying screw the server if it is being backed up? All I'm getting at is I've heard several IT people who have come to the office and say that having the server in a room that is not locked is a no no. Don't have anywhere else to put it since the other rooms only have 2 network wall ports in each. I just don't want people to be able to take it away. Maybe this is not worth trying to do.
If the only issue at hand is that it might be stolen, then image it daily to an identical server kept off-site in somebody's house that is trustable. Then when it's stolen you look at the video footage, fire who did it, and roll in the identical backup (because the police will keep the original one as evidence until the case goes to trial.)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If the data is that valueable and you don't have the physical place to secure it, another option is to locate the server in a facility designed for security and use a high-speed line either dedicated or via VPN to allow users access. It's a kind of Private Cloud instead of using the public cloud services such as AWS or Azure.
I was going to suggest a soundproof rack, then you can site it in a general office and so long as there's more than one person using the office they collectively improve physical security. They're not cheap though - http://www.apc.com/shop/us/en/categories/racks-and-accessories/racks-and-enclosures/netshelter-cx/N-1ks6cn2
Two alternatives are to (a) drill a hole in the floor, epoxy in a ring bolt and attach it to the server case with a Kensington lock, or (b) watch it with two obvious cameras and two hidden ones and send the video to a secure site.