‘WHANGDEPOOTENAWAH, In the Ojibwa tongue, disaster; an unexpected affliction that strikes hard.’ | ||
| --Ambrose Bierce (1842-1914) | ||
A data centre is a secure room or rooms where the company’s critical servers and other important equipment are housed. A computer data centre is the heart of any modern organization. A disaster here can cripple an entire organization within minutes, so special precautions need to be taken to prevent IT disasters, especially within the data centres.
Example . Disaster inside a data centre
Building Security: ‘Hello Mr CIO. This is the Building Security Officer calling. Sorry to wake you up at 2 am in the middle of the night. There was a fire in the office just now.’
CIO: ‘Heavens. What was the damage?’
Building Security: ‘Not much, I think. Luckily the fire engine came within 20 minutes and doused out the fire. The fireman said the fire had damaged only a couple of computers. It didn’t spread to other areas.’
CIO: ‘That’s a relief. Any idea what those computers were?’
Building Security: ‘Only those two big black computers in the data centre. The ones with blinking green lights that were labelled Mainframe 1 and 2. They’re burnt to a crisp, along with the cassettes that were stored behind them.’
CIO: ‘Mainframe 1 and 2 and our backup tapes? My God! Help!!’
How should a data centre be built?[1]
The simple answer is ‘as safely as possible’. Data centres are the heart of any modern organization and should be built with extreme care and conforming to all safety and international standards. A data centre should always be spacious, fire-proof, water-proof, anti-static, ventilated, airconditioned and in a UPS power-supplied room. Ensure that qualified professionals conforming to all industry standards do the electrical and networking cables inside the room. It should also have proper security and access control facilities so that no unauthorized person can enter the centre.
Several best practices exist and today it is not necessary to reinvent the wheel. There are organizations that specialize in providing consultancy and implementation for building world class data centres. However, here is a long list of some common best practices:
Ensure that the data centre is fire-proof. Do not have any material that can catch fire inside or near the data centres. Also, ensure that the areas beneath and above the data centres are fire-proof, water-proof, etc.
Have proper fire alarms, smoke detectors, fire extinguishers, etc, handy. Have fire extinguishers ready and in working condition.
Ensure uninterrupted power supply (UPS) to all critical equipment. Ensure that the UPS can withstand long durations of main power failures by also providing good quality backup generators.
Have all important servers and equipment only inside data centres.
Have an external consultant or fire department inspect and certify the premises periodically.
Ensure there is no water leakage or humidity anywhere near the data centre.
Ensure that the data centre is not directly above or below any hazardous areas. For example, the data centre should not be located above a kitchen, or a place where they store fuel.
Do not allow unauthorized persons to operate any equipment or enter the data centre.
Have a proper air conditioner to cool the IT equipment.
Do not have any plants and other decorative material inside the data centre.
Do not store empty cartons, packing material, inflammable material, liquids, etc, inside the data centre.
Have static eliminators installed at key locations. This will prevent electrostatic charges from gathering around carpets, doorknobs, etc. Static electricity is very dangerous and can cause minor to major shocks to anybody touching a charged object. In addition, it can also cause electronic equipment to fail.
Do not draw more power than recommended from any power supply outlet. Have proper fuses and circuit breakers installed.
Ensure the data centre is free from pests, rodents, ants, etc.
When lifting or relocating equipment ensure that it is done by qualified personnel using proper tools – trolleys, rubber mats, etc.
Do not stack equipment one above the other without installing it in proper racks. Ensure adequate ventilation and space for easy maintenance.
Do not allow anyone to bring drinks, snacks, food, etc inside the data centre. Don’t touch any IT equipment with wet hands. Do not touch the motherboard or other electronic components when the chassis is opened for any reason. Static electricity on the hands and fingers can destroy electronic chips.
Always use high quality electrical and computer cables inside the data centre, even if they are expensive compared to ordinary cables.
Keep all manuals, original disks, CD-Roms, licence numbers, etc, in a safe documented fire-proof place. Keep multiple copies of every important document. Keep an additional copy in the disaster recovery centre.
Always buy branded and reputable hardware models, even though they may be slightly more expensive. Branded and reputable manufacturers invest in the necessary R&D to ensure that their products are tested and supported fully. You get upgrades and bug fixes that solve problems. Unbranded and assembled computers are normally a mixture of several unknown vendor products, and usually have freak problems that will get no support from the equipment seller. For example, with an unbranded computer you may have the motherboard from one vendor and the video card from another vendor. If you notice some freak problems in the system, neither manufacturer will own the problem or help you solve the issue.
Ensure that your technical staff undergo periodic training in the latest areas of IT support.
Replace servers, computers and software with the latest and better systems periodically. Most manufacturers declare certain models and versions obsolete within two or three years and stop supporting them. If your organization is still using old systems or older software you run the risk of not getting any vendor support when they fail.
Ensure that the server passwords are used only by authorized personnel and change them often. A critical server’s password with an unauthorized or incompetent person is a disaster waiting to happen.
Delete all unwanted user IDs periodically to prevent unauthorized use.
Do not remove the chassis cover on any equipment without powering it down. Attach a static discharge belt for additional safety. Some high-end servers allow hot pluggable hard disks that allow you to install a hard disk when the system is running. Unless it is absolutely necessary to keep the system powered on always, do not try to use such features. Shut them down and then upgrade or repair.
Periodically reduce the number of unwanted and old IT machines throughout the organization.
Always buy tested and proven versions of software and hardware. For example, if a manufacturer releases a new version of an operating system or office application don’t try to install it everywhere immediately just to be ahead of the rest. Wait for the software to stabilize in the market and then implement it in a staged manner. Remember that most software and operating system upgrades are one-way processes and cannot be rolled back easily. For example, if you suddenly decide to upgrade to the latest operating system and later discover that none of your critical finance applications work properly this could lead to a serious crisis.
[1] For more information on this topic, see also ‘Data Centre Security and ISO27001’, published by ITGP.