Introduction to NonStop Operations Management

ManualsBrandsHP ManualsServerHP NonStop G-Series

171

172

173

174

175

176

177

178

179

180

Security Management

Introduction to NonStop Operations Management–125507

9-10

Environmental Controls

from the room, putting locks on the doors, and not posting signs that indicate the

location of the computer facilities.

Environmental Controls

Access to the power supply and the air conditioning can provide ample opportunity for

accidental or malicious damage. Consider controlling access to the power supply and the

air conditioning by locking the control panels.

System Cabinets

Protect the system cabinets from accidental damage and deliberate malicious acts. All

cabinets are shipped with locks that use the same key. You might want to consider

installing your own cabinet locks to better protect the system. Anyone with access to the

computer cabinets and the appropriate key could bring down the system.

Terminals

Unattended, logged-on terminals invite intruders to access the system. You might want

to require that the command interpreter’s automatic logoff option is always on.

Printers

Unless care is taken, intruders can obtain the information they need to break into a

system by examining the output of system printers. For example, user account numbers,

telephone access numbers and codes, and even privileged passwords might be printed on

publicly accessible printers. Printed copies of electronic mail messages can also provide

names that enable intruders to deceive others into presuming the legitimacy of their

requests for information.

Tape Units

Like all computer peripherals, protect tape units physically and procedurally from

accidental and malicious damage. Unprotected, they offer an avenue of intrusion. For

example, with the proper timing, an intruder might remove a backup tape from the tape

drive, take it to another system, read it, then return it without detection. Operators should

be vigilant when performing system backups.

When backing up files from disk to tape, you might want to consider using the

NOMYID option of the BACKUP utility. This option prevents files that originally

belonged to one user ID from being restored onto another user ID.

Tape Library

Monitor the on-site tape storage area closely to ensure that an intruder does not get

access to a previous backup tape. Keep audit trails for all tape library transactions.

On-Site and Off-Site Media Storage

Protect the on-site and off-site media storage areas from intruders. Methods of

protecting storage areas include keeping transaction logs for all tape library transactions,