Physical Locks for Your Server Room

In this video, we’re talking about physical locks for your server room. Now your server room or MDF is at the most critical part of your network and should be protected at all times. If you think about it, our main servers are in there, our core switches are generally in there, and other vital pieces of equipment on our network. And if your MDF or server room gets compromised, then your whole network is most likely going to be compromised. So how do we protect this? So there’s a lot of different types of locks out there that we can use to secure this. And these are some of the most common ones.

The first one we want to show you is a biometric lock.

Now a biometric lock can be used in a number of ways: It can either be unlocked by a fingerprint, your voice, AI, or even facial recognition depending on the type of biometric device you have. Now these tend to be the most expensive option. But they also tend to be more secure, because in theory, it is difficult to duplicate someone’s fingerprint or retinal scan, for example. Next up, we have a numeric keypad, which is pretty common in things like department stores in some businesses. Now a numeric keypad is definitely going to be cheaper than the biometric, or a good biometric, lock, I should say. And you simply enter in whatever the numeric code is to unlock the door.

We also have RFID, which is a pretty popular one. Now RFID relies on a radio frequency that’s a close range. And when I say close, it’s typically, you have to be about an inch away from the scanner. The nice thing about RFID is you could have it in a number of things. You can have it on a ID badge, for example, so you don’t have to carry around multiple keys. An RFID badge could unlock the door, you could use it as a form of identification, and also, it can also log in who’s actually unlocking the door. And finally, we have a standard key lock.

Now a standard key lock is going to be, again, pretty much like any other lock on any door. So which one is right for you? That’s going to really depend on what your environment is like. If you have a small server room, let’s say a desktop, not a lot of stuff on there, not too much traffic through there, you’re probably going to be OK with the standard key lock. Whereas if you have a pretty large data centre, it’s very important if you have a lot of traffic coming through, then you’re probably going to want to look at something like RFID or biometric option. So again, depending on your environment, it’s going to depend on the type of lock.

How secure does it need to be? I also should say that no matter what lock you go with, no lock is going to be perfect, just like no password is going to be perfect. Someone tries hard enough, they are going to be able to get through there. However, we do want to put these locks in place to make it more difficult for people to try to enter. Now wrapping up, first off, your server room is a critical room again. Our critical servers are there, our core switches are there. Again, if your server room gets compromised, your entire network is almost definitely compromised. Number two, what type of lock should you use? Again, that’s going to depend on your environment.

So you do want to evaluate how secure that room needs to be. Which brings us to number 3, limit access. That access should be limited to only those who need access to that server room. The key should not be distribute to everyone if they don’t need access. Ideally, only a couple of people will have access to that room. That way, it’s much more difficult for keys to get lost, for somebody to get in there, whatnot. The server room should also be locked at all times. It doesn’t do any good to have a really expensive lock, or even an inexpensive lock, and the server room is either unlocked all the time or it’s left open.

We need to make sure those server rooms are locked at all times. It’s also a good idea to log who goes in the server room and when. Again, if you use RFID badges, that actually will come in pretty handy, because most RFID locks will actually begin to create a log for it. Who goes in, what time, what date, things like that, which is a great way to audit who’s coming in and out. Biometric locks will also most likely have that feature, at least the little bit more expensive ones out there. So that was about securing your server room with locks.

And in the next video, we’re going to be taking a look at securing operating systems, starting with best practises for patch management. Thank you for watching, I’ll see you in the next video.