Physical protection for servers

• Keep servers under lock and key.
• If possible, lock the cabinets of individual servers.
• Similarly, keep switches and hubs under lock and key.
• Monitor and limit access to server rooms.
• Consider fire and flood risks as well as theft.

Server security tips

• Managing a server can be a technical challenge. Consider hiring a knowledgeable IT manager or outsourcing the work to a trusted supplier.
• Restrict the number of administrator passwords.
• For servers running Microsoft operating systems, run Microsoft Baseline Security Analyser for security advice.
• As with desktop PCs, servers need a firewall, regular updates and anti-virus software.
• Don’t use a server as an employee’s workstation.
• Read server reports, such as security logs, and monitor for changes and irregularities.
• Make sure that server rooms are kept cool.
• Make sure you have a rapid response maintenance contract for any servers.
• Treat server backups as if they were complete copies of all the information on the server (which they are) and make sure that they are also kept under lock and key and only available to authorised personnel.

Get the right hardware

Although a regular desktop can run server software, because servers are the hub of any network, it pays to invest a little extra in more reliable, durable hardware. Suggested upgrades include:

• Redundant disk drives. Using a RAID array of drives means that if any one hard disk suffers a failure, no data will be lost and a replacement can be just plugged in.
• Redundant power supplies and cooling fans.
• Look for a computer that has been designed as a server, so that it will be more robust and more durable.
• Get a server that has a lockable case to prevent unauthorised alterations or access.
• Consider getting a hardware firewall in addition to any firewalls installed on the server or on desktop machines.