[Checklist] Establishing Server Room Security

What is a server room?

Server rooms are physically separated from the rest of the office equipment because server room security requires adherence to more or less strict rules.

Larger server rooms that spread across buildings are called data centers. Leading cloud computing providers have powerful data centers with multiple server rooms. These rooms have even stricter requirements, usually regulated by a number of industry standards.  

Why do you need a security checklist?

Server rooms must meet specific environmental conditions to be able to support your network, avoid crashes and failures, and prevent physical damage to this valuable business asset.

As a general rule, servers are huge energy spenders, produce heat, and therefore like it cool (but not freezing).

Server room
‍Server rooms must have adequate temperature and frequent cable checks

You’ve probably experienced the heat coming from beneath the laptop and the perpetually ‘on’ fan. Servers are thousand times more powerful than a laptop. If servers get overheated, they can affect the computer performance in the whole office, reduce the server lifespan and even cause hardware damage. Therefore, a proper AC-system is a prerequisite to server room security.

A number of ways have been developed to support a safe environment for your servers. Standards include design descriptions of the area in view of the server’s computing power, especially if more than one server is stored in the same room. The location of the server room within the building layout is also important.  

Servers are electricity-feeding machines, whose poorly met requirements can affect your whole business. They store your digital assets, often including sensitive data and backups. Consequently, a server room checklist is a must-have for your IT team or, if you have a small business, for the person in charge of the various types of business assets.   

Security checklist

This server room security checklist includes the rules you need to follow in order to protect your computer servers from serious issues. For easier navigation through the long list of rules, applicable standards are separated into four distinct areas: physical space and temperature, equipment and furnishing, electricity, and server room security requirements.

‍Only authorized staff can access server rooms

Physical Space and Temperature Requirements

  • Server room should be windowless and sound-proof all over the surface, including walls, ceilings, and doors
  • Ceilings should be at least 9 feet high.
  • Server room doors need to be between 42 and 48 inches wide, and at least 8 feet tall.
  • Enough room for future growth, including space for extra cooling units.
  • Floors should be made of antistatic materials, raised above the ground.
  • Heat-controlled environment with temperature specifications of 72°F (+/- 2°F) and 45% RH (+/- 5%)
  • When possible, campus chilled water system needs to be installed, meeting temperature specifications of entering water at 46°F and return water at 60°F.

Kisi Products
Regain Full Control the Easy Way

Discover what makes Kisi the most advanced cloud access control solution.

Equipment and Furnishing Requirements

  • At least one telephone line.
  • Computer racks should fit industry standards. Space around equipment must be at least 42 inches.
  • Isles must have a space of 48 inches around them.
  • Anti-seismic bracing and proper grounding must be implemented around the computer racks.
  • Computer racks should follow the hot/cold aisle layout.
‍Computer racks in server rooms should fit industry standards

Electricity Requirements

  • The computing equipment should have an electrical intensity of maximum 300 watts/square foot.
  • No supplemental equipment that creates extra heat.
  • Separate power panels for the computer equipment and the HVAC system.
  • Backup power source for the server room.
  • Dedicated grounding for the electrical system.
  • Have a backup generator
  • Frequently check cables

Security Standards and Requirements

  • Door alarms at all access points.
  • Video cameras at the entrance are recommended.
  • Fire prevention system, including alarms at critical points and fire extinguishers.
  • Flood alarms.
  • ID badges for the authorized staff (unless an access control system is in place).
  • Strict visitor policy with continuous monitoring.

Securing your server room with Kisi's cloud based access control will allow you to integrate some of the security measures mentioned above by relying on one single tool. Among other features, Kisi will allow you to:

  • Give and revoke access to the room remotely
  • Integrate with Active Directory, Google Apps, Yubikey, etc. - Learn more about our integrations
  • Allow smartphone access (without issuing any keycard)
  • Give temporary access to visitors (which will automatically expire afterwards)
  • Perform remote door unlocks and scheduled unlocks
  • Health monitoring and forced-open alerts
  • Generate heatmaps of door unlocks by date and time
  • Export unlock events (meeting compliance standards)
  • And a lot more...
Kisi can help you secure your server room: find more information here.

Final considerations: a comprehensive server room security checklist should also include emergency planning action plan for immediate, automated response procedures and modern security systems can help with setting such actions.

Starting a new project?
Download our Physical Security Guide

Get the full guide and other great security content from Kisi. 

Download Guide
Kisi Physical Security Guide