Security Patrols

Security patrols might be required for data centers which are large in size and/or when a higher level of security is required. Policies and procedures need to be established which should include, but not be limited to:

  1. Description of route(s) to be taken with a preference for a variety of routes and patrol start times to avoid predictability.
  2. Checkpoints on each route, preferably via electronic systems. Electronic systems should be functionally secure (e.g. avoid QR code, barcode, etc.).
  3. Tests to be conducted (e.g. random door alarm test).
  4. Adoption of a call-home/heart-beat routine (where applicable).
  5. Timings/intervals with a preference for an ‘around-the-clock’ and taking into consideration office/out of office hours.
  6. Reporting/activation procedures for when a breach is detected.

The organization should consider having additional security checks which might be executed on a less frequent basis to verify specific security aspects (e.g. ventilation ducts, metal detectors, explosive sniffing devices, (computer room) cabinets).