Friday, April 13, 2012

Data Center Access Policy and Guidelines

       This procedure provides Data Center Access Policy and Guidelines for the process of providing short term (visitor) and long term data center access. This will be achieved by a workforce (i.e. anyone conducting work including, but not limited to contractors, vendor partners, employees, etc.) who consistently apply safe work practices, including emergency procedures in the event of disasters, to meet your business needs.  A safe and secure environment will help to assure the health and well being of all individuals (including workforce and visitors) as well as minimize the impact of incidents that could affect business operations. 
      To mitigate potential and preventable impacts to facilities IT equipment caused  by unauthorized data center access through the application of industry standards, governmental regulations and current best practices with the goal of ensuring 100% operability and reliability when called upon for service.
 
       Workforce members should assist each other in following the guidelines.


Input(s)

  • The Data Center Facilities Team Lead is responsible to ensure that all IT personnel adhere to the policy of applying for data center access.
  • See contact list for appropriate contacts.
  • Any member of the workforce may STOP any WORK in progress due to unsafe work methods, conditions causing the area to be unsafe, emergency, or for any other Data Center operational necessity.  All unsafe work methods will be reported to the Data Center Operations Team Lead who will investigate the situation and take corrective action
Physical Security
  • Physical access to all computer rooms must be tightly controlled.  Doors must be locked at all times with only authorized personnel having access.
      -
    All employees, contractors, and visitors on company premises must wear identification tags at all times.
      -
    All visitors and vendors MUST be approved by the Data Center Facilities authorized approvers, visitor access added to their smart card (visitor card), and must be escorted while in the data center.
      - Authorized personnel must not allow unknown or unauthorized individuals into restricted areas.  Unauthorized or unknown personnel not accompanied by authorized personnel, particularly in computer areas, must be challenged (in a tactful manner).  Personnel without a valid reason for being in the computer room must be escorted out of the computer room immediately and Security must be contacted.
      -
    Security in the Data Centers is the responsibility of the Data Center Facilities Team Lead.  The Data Center Facilities Team Lead will manage security by:
            **
    Daily reviews and processing of your facilities Data Center Access
            ** Weekly reviews - Door Checks
            ** Quarterly review of all individuals with Data Center Access
            ** Yearly Documentation and Review
Outputs
        Data Center Facilities Team Lead shall ensure that records and documentation is kept with all checklist results, door checks and required maintenance actions.


Metrics
       Check list results are maintained and available at all times.


Contacts
  • Data Center Facilities Team Lead – xxx who will be assigned
  • Data Center Facilities Coordinator – xxx who will be assinged
  • Emergency Back Up – xxx who will be assigned

0 comments:

Post a Comment