Protecting Your Computer Systems
Computer systems have become an integral part of our business life. We use them daily for a multitude of tasks, from banking to inventory to customer service. If your computer system goes down, what kind of effect will it have on your business? What would even one hour of downtime cost you in lost orders and inefficiency? There are steps you and your safety team can take to keep your computer systems operating efficiently.
Hardware Protective Measures:
- Server and communications rooms should be isolated from general office areas by a one-hour fire rated room with a one-hour locking fire door. Walls should extend from the floor to the underside of the floor/roof, above the drop ceiling.
- Limit access to the computer rooms with keys or swipe cards.
- Inventory and label all computer equipment.
- Install a "clean agent" fire extinguisher at the entrance door.
- Water and plumbing lines should not extend over computer rooms.
- Computer rooms should have a separate HVAC system to maintain proper temperature and humidity and the controls should be locked and unavailable to unauthorized employees.
- Computer and communication equipment rooms must have a reliable power source free of interference or electrical disturbance. Electrical supplies must be on a dedicated distribution line and separated from the general power supply to the building's lighting and HVAC systems. Extension cords should not be used.
- Lightning and surge protection is mandatory and should be provided at the electrical distribution panel and the incoming communication equipment. Do not depend on strip surge protectors to stop damage from a lightning strike to the building. Most strikes will come through the power or data lines.
- Plan for emergencies to ensure that your data center continues to operate in the event of a power outage. Provide for emergency power systems to continue operations or to safely shut down systems.
- The computer room raised floor should be of non-combustible construction and the area below the floor should not be used for any storage.
- Depending on the nature of the equipment, be sure that the computer room floor will support the weight of the computer and related equipment. Most backup power units contain lead batteries and are very heavy. A structural engineer may need to be consulted.
- Surge protectors must have an Underwriters Laboratory label showing the device is a "UL 1449 LISTED TRANSIENT VOLTAGE SURGE SUPPRESSOR." not just "tested or designed to the standard" but actually "Listed". This ensures the device meets the standard. Do not plug surge protectors into each other or use as extension cords.
- Notebook computers should be physically locked in place in the office, and if taken off the premises, a proper theft prevention plan needs to be developed and communicated to employees. Start up password protection is mandatory along with wireless safeguards.
Software & Data Protective Measures:
- Implement a company-wide, comprehensive software security plan and update the plan on a regular basis.
- Select effective random passwords and change them frequently. Educate employees on how they should select their passwords to help block unauthorized access and use.
- Do not permit unauthorized software to be installed by employees. This includes downloading or installing software off the Internet without permission.
- Implement a daily data backup and recovery rescue plan. Backup data should be stored off site.
- Effective firewall, spam and virus protection software should be installed and updated at least weekly, if not daily.
- Limit employee web surfing to business sites only, including your notebooks outside the main office.
- Do not allow employees to access personal e-mail accounts on company computers and notebooks. This invites virus and spam sites to attack your computers.
- Develop a corporate policy regarding personal use of the Internet and computer equipment by employees and their families during and after business hours.
- Develop a corporate policy regarding use or printing of materials and programs found on the Internet that may violate copyright laws.
- Instruct employees to lock or log-off when they leave their computer so others cannot use the computer. Employees have different security levels and these levels are at risk if you leave the computer unlocked.
- Critical and sensitive customer data should not be loaded to notebooks removed from the premises. Theft of the computer will make your customer data available for identity theft.
- Wireless routers that transmit customer data must be secure to prevent theft by others outside the business premises. A data breach must be avoided.
You should obtain assistance from an expert professional computer technician for complete hardware, data and software protection and backup advice.