The computer room often houses
-
The central processor units
-
Disk and tape drives
-
ODTs
-
Printers
At sites where security is a concern, the following minimum policies should be observed:
-
Permit only authorized personnel in the computer room. All other personnel should obtain clearance before being admitted.
-
Maintain a log of all persons, other than those normally authorized to be in the computer room, who are admitted to the computer room.
-
Escort all noncomputer room personnel who are granted special clearance to enter the computer room. Make special arrangements, when necessary, for situations where long-term access is required.
-
Have computer room personnel challenge the presence of anyone who does not appear authorized to be in the computer room.
-
Be sure that if a maintenance technician must handle any storage media, such as disk platters or magnetic tapes, either the technician is trusted with access to information on the media, or the media are erased or “scrubbed” before the technician is permitted to handle them.
-
Take the following precautions if unscreened personnel have access to the computer room and it is impossible to escort them:
-
Physically power down all disk packs with sensitive information that should not be viewed by unscreened personnel.
-
Enable security-administrator status, if it is not already enabled, by doing the following:
-
Set the value of the system SECADMIN option to TRUE by entering ??SECAD + at an ODT.
-
Assign SECADMIN to the security administrator usercode in the USERDATAFILE.
-
The preceding steps ensure that only the security administrator can
-
Modify system security settings.
-
Interrogate and modify all user attributes or copy the USERDATAFILE.
