S 1.29 Adequate siting of an IT system

Initiation responsibility: Head of IT, Building Services Manager

Implementation responsibility: Building Services, User

When installing an IT system, attention should be paid to various requirements which enhance the security, but also the lifetime and reliability of the technical equipment and take account of ergonomics (see also S 3.9 Ergonomic workplace). Some of them are listed here by way of example:

• If possible, an IT system should be sited such that only the authorised users can view the screen contents Location near to a window or door will pose a risk of observation of the screen activities from outside.

• To avoid the possibility of IT systems being manipulated they should be sited such that only authorised persons have access to them IT systems in areas frequented by visitors or external personnel must be protected against theft and manipulations by additional safeguards.
• An IT system should not be sited in the immediate vicinity of heaters so as to avoid overheating
• An IT system should not be exposed to direct sunlight

• Dust and soiling should be avoided since the mechanical components (removable media drives, mechanical mouse, hard drives) might be impaired
• The installation site should be selected in such a way that damage due to external impacts such as flooding, burst pipes, increased humidity, electrical interference, and electromagnetic emissions are avoided whenever possible.

All employees should be informed of which impacts are harmful for IT systems so that they can help to avoid them. This includes, for example, contaminations by food or beverages, cigarette smoke or ash, but also the incorrect use of cleaning agents.

Depending on the environment, it may also make sense to use additional means for protection of IT, such as, for example, covers for all keyboards or screen covers preventing view from the side.

Review questions:

• Are IT systems installed in such a way that only authorised users can view the screen contents?
• Are IT systems installed in such a way that they are protected against manipulations or theft?
• Are IT systems installed in such a way that they are protected against harmful environmental impacts?
• Have the users been informed about how to use IT systems suitably?