Fill This Form To Receive Instant Help
Homework answers / question archive / Eation PowerPoint Drawing Tools sons Slide Show Review View MT (Body) - 20 ÅÅ A US AV
Eation PowerPoint Drawing Tools sons Slide Show Review View MT (Body) - 20 ÅÅ A US AV. Aa. ay.A. Help Format Tell me what you want to do SIA Text Direction Align Text AZ 7.-> Convert to SmartArt- { Paragraph Font OPERATING SYSTEM HARDENIM Maintenance of security is a challenge Required different hardening processes within a data center. O
Hardening of the Operatin System(OS) is the act of configuring an OS securely, updating it, creating rules and policies to help govern the system in a secure manner, and removing unnecessary applications and services. This is done to minimize a computer OS's exposure to threats and to mitigate possible risk.
Types of Security Hardening
Since there are several components that combine to make up your system, it stands to reason that there are also different types of security hardening designed to address each. These include the following:
Hardening Steps for Data Centre Management
Environment Control
* Temperature and Humidity
The temperature of each computer room within the data centre is recommended to be controlled between 20 and 24 degrees celsius, and a humidity between 40 and 55%.
* Fire Protection
Halon, FM-200 or other total flooding agent solution should be deployed in each computer room within the data centres. Fire extinguishers should be located strategically across the data centres. Wet pipe sprinkler systems must not be used. Emergency power off switches should be available inside each computer room of the data centres.
* Flood Protection
Whenever possible, raised floors should be used in the data centres. Water detectors should be installed beneath the raised floors.
Physical Security
* Location of Data Centre
The locations of data centres should be carefully selected to reduce the risk of accidental or deliberate trespass by the unauthorised parties. The data centres should not have obvious signs. It is best to have concrete walls without windows. If there are windows, universities should use those areas for administrative purposes only.
Data centres are also recommended to be located where the risk of external threats, such as flooding, is low.
* Surveillance
There should be Closed-Circuit Television (CCTV) cameras outside the data centre monitoring the entrance and inside the data centre. Security guards should be hired to monitor the perimeter of data centres and report any incidents to IT management on a timely basis.
* Physical Access Control Device
Lockers or key card access systems should be used to restrict the access to data centres to authorised personnel only. The best practice is to have two-factor authentication systems, such as key card access systems with individual personnel identification number (PIN) for each access card holder. Other systems like biometric (e.g. fingerprint) access control products can also be implemented to achieve this objective.
Disaster Recovery
* Disaster Recovery Plan
Universities should develop disaster recovery plans for their data centres and ensure that the plans are regularly tested, reviewed and updated at least on an annual basis. IT management should ensure sufficient backup resources are available to support the disaster recovery plan.
* Offsite Backup
Regular offsite backups of essential data should be performed by the IT department. The IT management should establish a set of operational procedure to define the scope, frequency, media and restoration of offsite backup process.
Remote Data Centre Management
* Logical Security Requirement
A secure remote data centre management solution should support one or more of the following capabilities:
Others
* IT Staff Training
Sufficient training program should be provided to IT staff members so that they are adequately equipped with knowledge and skills to perform the monitoring, configuration, installation and maintain tasks for systems and devices hosted within the data centres.
If data centre management software is used, IT management should ensure that comprehensive instruction manual and training courses are offered by vendors prior to deploying the software in production.