October is Cyber Security Awareness Month, and while we don't think that cyber awareness is something to cover just once in the year, we think it's a good opportunity to publish some information that can be used all year round.
Awareness Day Twenty Four: Hardware: Server Security
Awareness Day Twenty Four: Hardware: Server Security

Physical checks and location are equally as important as systems access controls.  Consider where the location of your server is and who else has access to that location? 
Is there a risk of tampering from an external threat?
Is there risk of accidental damage or tampering?
Who has access to the area and what other things are stored there?

Does the organisation have a  document DPE Model Physical Security Policy (179 KB) ?

Review the DfE Servers and Storage Standards for Schools and Colleges which advises that servers and related storage platforms must be secure and follow data protection legislation - they must be 'secure by design'.

Consider having your anti-virus software prevent the use of USB sticks in the organisation.

Review: NCSC Server Advice

Review DPE's previous articles about server security: 

Keeping your IT systems safe and secure

Read more …

More questions like these are in our Information and Cyber Security Checklist (only viewable with a valid Data Protection Education subscription):