How do you control access into your data center? Can anyone walk in? Do visitors need to stay within the line of sight of their escorts? Those are two diverse standards for data center access control. More than likely, your needs fall somewhere in between these examples. When developing your data center access control plans, below are some of the items you need to consider.
Personnel List: Who are you going to allow access into your data center? Some of the personnel you need to consider are: Data Center
Access Levels: After you have decided who needs to access your data center, you must determine what type of access they are going to have. Are they going to have unescorted or escorted access? Are there areas they cannot access? Are there personnel who will have access at specific times, such as on a shift basis or for planned events such as maintenance windows? What about access for contractors or vendors on an emergency or repair basis (unscheduled work)?
Access Tools: Consider how individuals currently gain access into your data center. Do you leave the doors unlocked? Do you use keys, card keys, numeric code entry or biometrics? As you develop your plan, you will need to consider costs associated with modifications to existing hardware and controls.key and key card
Do you require background checks and drug screens prior to having ongoing access into your data center? Who routinely approves access into the data center? Can an operation center employee approve access or does it take the company CIO? More than likely, the answer is somewhere in the middle.
Access into your data center is a critical piece of your overall data center operation. The items listed here are just some of the things that need to be considered. A well thought-out access control plan will ensure that your data center stays secure, and work can be done with minimal interruptions.