Reasons to not allow people into the server room
I have worked at a few hosting companies and seen two schools of thought on this:
- Do not allow customers into the server room. The argument is basically it raises security (this news story is normally provided as a reason that security is only good if you know the people) and privacy and that if you provide a local terminal for them it is good enough.
- Allow customers into the server room because people need access to their machines and it makes a good show piece.
Are there any reasons (such as legal, compliance, etc.) that you should not allow people into the server room?
Assuming that the hardware for each client is segregated in separate cages, etc., then I see no reason not to let people into the server room. However, for highly sensitive critical data, e.g. Banks, Police etc., I would only ever want an extremely small number of qualified people in that room. When it comes to customers, how do you know they are qualified and equally not malicious? Not worth the risk.
In these situations where the slightest downtime or loss of data would incur huge issues, it is always safe to err on the side of caution.
says it all, really :)
In my experience 75% of service/system outage is down to a 'layer 8'/wetware problem - people spilling drinks, pressing buttons they shouldn't, tripping over cables, even 'testing' RAID failover for no damn reason!
Keep people out; one way of doing this is to have a manual entry log with a 'reason for entry' field that they have to write themselves - that'll stop people without a good reason.