Like many other industries, the IT world has its own set of urban myths. One that has surfaced more often that most is the case of the mysteriously rebooting server. Normally it happens around 7.30 am in the morning and subsequent investigation shows no obvious problem. Even more bizarrely, it only occurs Monday to Friday and also avoids public holidays. Eventually an engineer will be tasked to come in early to observe the problem in action. Everything will appear normal and then suddenly the screen will go dead as the cleaner pulls out the power cable from the socket in order to plug in the vacuum cleaner.
Yesterday, this actually happened to me. I was messing around with Nagios on my test Ubuntu server, when I lost my SSH session. My test server is in the hall, next to my ADSL router as it runs VMWare which isn’t compatible with the Wi-Fi card that I have and hence needs to be connected by cable. Sure enough, investigation showed that the cleaner had unplugged the server in order to use the vacuum cleaner. Actually, she had knocked out the network cable, but it wouldn’t be an urban myth if there wasn’t some exaggeration.
Why is this related to security? Protection of physical infrastructure including power and communications is just as relevant to security as any other aspect. Power failure in particularly can cause data loss as well as the obvious availability problems.
Such an event should trigger a company’s incident event procedure. At one place I worked, this would have involved numerous meetings with a large number of participants who would have produced a report recommending IT training for cleaners, the development of a cleaning procedure for IT equipment, installation of security cameras to observe that the procedure was being followed and a member of staff to audit and report. I on the other hand will be taking my wife’s advice and shifting my fat lazy ar*e to put in some proper cabling to make sure cleaner and server never meet.
No comments:
Post a Comment