|
|
Initiation responsibility: Management
Implementation responsibility: Site planner
A computer centre should be designed as a closed, secure area. If possible it should have only one door and no windows, as every means of access must be monitored (see also S 1.10 Use of safety doors and windows). Access should be protected through high-quality access control mechanisms. When planning a computer centre and/or selecting suitable premises, potential hazards due to environmental influences should be minimised as far as possible. Thus it is equally important to counter effectively not only potential dangers such as ingress of water from the roof top or in basement rooms but also sources of EMC interference, e.g. cellular network transmission facilities or three-phase generators.
It is essential that a computer centre is properly protected against break-ins by both structural and technical means. Recommendations on this subject will be found in safeguard S 1.19 Protection against break-in and in BSI publication, "IT security through infrastructural measures" (see Annex).
Often a high degree of availability is required for IT components operated in computer centres. These requirements can be accommodated through redundant design of the infrastructural and technical equipment (see safeguard S 1.52 Redundancies in the technical infrastructure).
To avoid a mixture of low-level technology (power supply, air conditioning) and high-level technology (computers) in the computer centre, separate premises should be planned. The technical infrastructure of the computer centre should be installed in separate rooms. In computer centres with high availability requirements the protection concept must not overlook telecommunications components "towards the outside". If they are not as effectively protected as the technical core components, availability cannot be guaranteed. For example, it should be noted that the protection requirement of the active network components involved in communications to the outside world (such as routers and switches) is the same as the protection requirements of the core areas of the computer centre. This applies as regards both physical protection and also detection, sensors and alarm systems.
It is desirable that equipment relating to
is in each case accommodated in a separate room (and optionally also with a separate fire cut).
During planning care should be taken to ensure that the routes taken by service pipes and cables in the building, e.g. for water or gas (see S 1.24 Avoidance of water pipes), do not run in close proximity to the computer centre or even through sensitive parts of it.
A computer centre is a security-relevant area, and therefore only administrators of the IT systems installed in the room should have access to it. Appropriate access controls must be put in place covering admission by the organisation's own staff and, even more important, by temporary staff, e.g. employed on maintenance work in the computer centre, to prevent their obtaining access to systems outside of their area of activity.
There should be a ban on bringing into a computer centre any portable IT systems, mobile phones or cameras unless these are under the control of the organisation concerned. In general the use of mobile phones in computer centres should be forbidden as these can cause considerable interference to the operation of IT systems. Any exceptions to this rule must be agreed (see S 2.188 Security guidelines and rules for the use of mobile phones).
When planning building alterations or building new facilities for a computer centre the parameters listed below should be considered.
In practice an aspect ratio of 1:1 up to a maximum of 2:3 has proven effective for a computer room. This shape facilitates the structure layout of IT components and their cables in the computer centre.
If the architectural design permits it, installation of a raised floor is recommended. Its height will depend on the technical equipment and usage. If the raised floor is used for air conditioning it should be approximately 50 cm high.
When dimensioning IT rooms, as a minimum the following framework dimensions are recommended:
| Clear ceiling height from raised floor | 3.00 m |
| Distance between supports | 6.00 m |
| Door width in unfinished state | 1.10 m |
| Door height in unfinished state | 2.10 m |
Ceilings and raised floors should be designed to withstand a load of at least 1000 kg/m2.
The raised floor must be a perfect fit and from a height of 20 cm it should have a fire protection quality of F30 in a closed condition. In general the safety guidelines for raised floors issued by Bundesverband Systemböden e. V., Düsseldorf should be observed.
Note: the raised floors and suspended ceilings in the IT room must end at the IT room walls. The structural design should not create any unprotected points of access.
Corridors should be at least 1.80 m wide and be covered with non-slip, smooth flooring material that is capable of withstanding relatively high transport loads.
Any lifts provided within the computer centre should have a carrying capacity of at least 1,500 kg. The clear internal cabin dimensions should be at least 2.80 m deep, 1.50 m wide and 2.20 m high.
Additional controls:
| © Copyright
by Bundesamt für Sicherheit in der Informationstechnik |
last update: July 2001 |