S 2.311 Planning protective cabinets

Initiation responsibility: IT Security Officer, Head of IT, Head of Purchasing

Implementation responsibility: Building Services, Purchasing Department

The use of protective cabinets can make sense for various reasons, e.g. as a replacement for a server room or in order to increase the protective effect of a server room. As the cost for protective cabinets is considerable, a concept should be drawn up first which is based on the requirements of the intended operational scenarios. For this purpose, it should be examined, among other things, which components are to be protected by the protective cabinet against which threats, i.e. whether they are intended to protect their content against the impacts of fire or against unauthorised access, for example.

In addition, a cost comparison is strongly recommended. A comparison should be made between the costs for purchasing and maintaining a protective cabinet with the costs for establishing a server room or data media archive and their maintenance.

When planning the room in which the protective cabinet will be installed, a series of safeguards must be implemented for fire protection up to installation of an alarm system, where applicable, inside the protective cabinet, to ensure that sufficient physical security is provided. This also includes ensuring that no water pipes run through the room (if this is possible) since leaks can cause large amounts of damage against which not all protective cabinets are sufficiently secured. If the protective cabinet is to be used as a server cabinet, additional safeguards such as overvoltage protection, emergency circuit-breaker, air conditioning, UPS, and, if necessary, even remote indication of malfunctions must be provided depending on the protection requirements.

Review questions:

© Federal Office for Information Security. All rights reserved.