Physical server security

A lot of time and columns are spent discussing securing a server from outside attacks. This is perfectly valid because it's easier for an attacker to use the Internet to break your server than it is for them to gain physical access.

However, some IT professionals gloss over the importance of physical server security. Many, if not most, of the most egregious breaches of security are performed from inside the organization.

  • How do you protect your servers from users with on-site access who have no need to access the server or server room itself?

  • Is it just next to the IT manager's desk in a cubicle, or locked behind several doors with electronic card and biometric access?

  • Once someone has physical access to the servers, what protections are in place that prevent, or at least log, access to sensitive data they have no reasonable need to see?

Of course this will vary from organization to organization, and business need to business need, but even print servers have access to sensitive data (contracts and employee information) being printed, so there's more to this than might appear at first glance.


Solution 1:

All our production servers are stored on the other side of the world in a solid data center. Man traps, biometric scanners, the whole box and dice.

For the machines that are in our office, they live in the server room, accessible only via swipe card. Only the sysadmins have swipe cards that can access that area.

In short, if someone physically has their hands on your kit, then your data is theirs. If this is a sufficient concern, then PGP'ing anything of value and decrypting it on the fly is a heavy-handed but necessary requirement.

Edit: you could extend this to questions of physical security of your backup media. What good is solid physical security if your offsites are not as or more secure?

Solution 2:

The amount of physical security you need depends on the nature and size of your business, IT staff, etc. For most smaller companies, a locked door and an inexpensive security camera will do the trick.

Securing access to the electrical closet is important, too. Throwing a breaker goes a long way toward shutting down computer systems.

Solution 3:

All manner of physical security measures can be taken: smart card access, prox sensors, heavy doors, kick plates, cameras, strong passwords, biometrics...

The problem is when electricians who need to do wiring prop the door open with a brick and head off to lunch without notifying anyone. It happened once. Luckily I came in moments later. Funny how a brick can circumvent $10k+ of security.

Solution 4:

Another thing. Beware of non-technical users and their stupidity.

Our production servers were safe at a colocation center, but the development ones were in the office. Once the cleaning lady couldn't find a free power outlet and plugged the vacuum cleaner into the servers' UPS. Luckily it had quite a loud overload alarm, so we could react promptly.

In another case (I don't know whether it is real or an urban legend), there were mysterious downtimes of one of the servers every day early in the morning. No one could identify the problem. It turned out that the security guard, at the start of his shift, would unplug one of the servers and plug in the coffee maker. He thought that "no one would notice, it was only 3 minutes".

Solution 5:

Our building used to be a bank, so we keep our servers in the vault. Cooling isn't great, but we only have half a dozen, and none of them are hugely powerful, so it's not really an issue.