1) Physical Access Controls
• These refer to the procedures and physical barriers which prevent unwanted users from accessing a database stored on a server.
• The simplest of these strategies might be to lock a server room or a room with computers which have access to the server.
Biometrics
• Biometrics is the use of physical human characteristics, like fingerprints or facial features. It can also include voice patterns or handwriting.
• This form of security appeals to managers because it is nearly impossible to copy or steal a person's biometric characteristics.
Swipe Cards
• The most commonly used form of data protection.
• Mostly used to authorise bank transactions, they normally contain a magnetic strip which holds details about the user and needs to be authenticated by a PIN.
• These are also used in organisations as a form of internal security.
• A door can be connected to a computer which allows access to a user entering it if they have security clearance.
• Limitations are that they can be damaged easily and, when stolen, the saved information can be easily extracted from them.
2) Power Protection
• A server can be damaged by a power surge. Overvoltage occurs when a sudden surge of power is sent to a power outlet.
• A surge protector protects against this overvoltage by standardising the voltage supplied to the device at all times.
• A better form of protection is a UPS (uninterruptible power supply). It protects against overvoltage but also provides 30 minutes of power if a power failure occurs. This allows someone to shut down the server properly and avoid any corruption of data.
3) Avoiding system failure
• This can occur due to faults in power supply, CPU, hard disk or RAM. In many organisations it is important that there is no disruption to operations at any time.
• There are two ways to overcome this:
1. Utilise a mirrored server.
2. Save data across multiple servers.
Storage across hard drives
• RAID Array - In a RAID-protected system, fragments of data are stored across several hard drives, so that if one hard drive fails the other hard drives can piece together the missing data and rebuild the files using error checking codes.
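Added example (not part of the original notes): a small Python model of how a failed drive's fragment is rebuilt from the surviving drives. It assumes single XOR parity of the kind used by RAID 5; the notes do not name a RAID level, and the function names and sample record are constructed for illustration.

```python
from functools import reduce

def xor_blocks(blocks):
    """XOR equal-length byte blocks together, column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))

def write_stripe(data: bytes, n_data_drives: int):
    """Split data into one fragment per data drive and append a parity fragment."""
    size = -(-len(data) // n_data_drives)          # ceiling division
    padded = data.ljust(size * n_data_drives, b"\0")
    frags = [padded[i * size:(i + 1) * size] for i in range(n_data_drives)]
    return frags + [xor_blocks(frags)]             # last drive holds the parity

def rebuild(drives):
    """Recover the single missing fragment (marked None) from the survivors."""
    missing = [i for i, d in enumerate(drives) if d is None]
    if len(missing) != 1:
        raise ValueError("single parity can rebuild exactly one failed drive")
    repaired = list(drives)
    # XOR of all surviving fragments (data and parity) equals the lost one.
    repaired[missing[0]] = xor_blocks([d for d in drives if d is not None])
    return repaired

def read_stripe(drives, length: int) -> bytes:
    """Join the data fragments (all but parity) and drop the padding."""
    return b"".join(drives[:-1])[:length]

def demo():
    record = b"customer_id=1042;balance=250.00"    # constructed sample data
    drives = write_stripe(record, 3)               # 3 data drives + 1 parity
    drives[1] = None                               # simulate one drive failing
    return read_stripe(rebuild(drives), len(record)) == record

if __name__ == "__main__":
    print("rebuilt after single drive failure:", demo())
```

With single parity, a second drive failing before the rebuild completes loses the data, which is why RAID complements backups and mirrored servers rather than replacing them.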
Mirrored Servers
• This is a more expensive option. It involves having two servers which mirror each other.
• When data is modified and saved, a copy of the data is sent to both servers. When one fails, the data is simply retrieved from the other server.
4) Software Protection
• Anti-virus Protection – It is important that anti-virus software is updated regularly and scans occur on a daily/weekly basis.
• Firewalls are installed.
• Anti-intrusion software – this is used to monitor who has accessed your network. It provides data summaries of activity on your network, and informs the IT department of any irregular log-ins.
5) Surveillance Technology
• Packet Sniffers are diagnostic tools that monitor the contents of packets of data being sent across networks. Packet sniffers are mainly used in workplaces to monitor email and internet usage.
• Desktop Monitoring Software sends a real-time desktop image to an administration computer. (Synchronise)
• Closed circuit television can be used to protect against the theft of equipment but can also be used to detect the unauthorised use of computer equipment.
• Log Files - these are files stored on the computer which record the activity of the user. The operating system stores internet cookies and internet history which can be checked later.
6) Environmental Concerns
This refers to issues arising from the area in which the server is stored. It could include:
• Heat issues, which are resolved by installing an air conditioner in the server room.
• Sand and dust. In some circumstances these are a major factor that can affect the performance of the servers, particularly in the industrial sector.
• Fire and flooding may also need to be protected against, by fireproofing and/or providing fire protection equipment.