Set Up Your Small Business Server Room Right the First Time

Security concerns are driving many small businesses to set up on-premises server rooms in lieu of cloud services. If you're one of those companies, follow these pointers and you'll get everything set up the right way the first time.

The task of setting up a server room isn't a popular one these days, especially for small businesses that just want to focus on what they do best: Growing their business. Unfortunately, the NSA spying revelations open Pandora's box to the vulnerability of cloud service providers to the vast powers that state actors — and talented black hats — can bring to bear if they set their minds to it.

With this in mind, our steps for setting up a small business server room outlines key considerations that organizations should mull over before acquiring any hardware. Moving ahead, the pointers below offer additional suggestions for properly setting up your new server rack.

For Smooth Server Rack Setup, Stick to a Plan

A server rack offers numerous advantages over a disparate stack of IT equipment in the corner of the office. Deploy a server rack improperly, though, or without proper planning, and it becomes nothing more than a large metal shelf. Since equipment must be powered off prior to being repositioned, an ill-planned deployment will either cause a disruptive downtime during office hours or force staff to stay at work after closing time.

Kick off their planning process by making a complete list of all the equipment that will go onto the rack. This includes servers, network switches and an uninterruptible power supply (UPS), as well as related devices such as keyboard, video and mouse (KVM) switches, power Distribution Units (PDUs) and any storage or security appliances.

Also list how much space the equipment will occupy in terms of rack units, or RUs, and note where each device will go prior to the deployment. Though there are few hard and fast rules about what should go where, heavy UPS units are typically relegated at the bottom of the rack. Most vendors install network-cabling panels on top — this mirrors data centers, where cable run down from the ceiling — but it's usually unnecessary for a server room.

Product News: New NEC Server Has Built-in Batteries for Backup Power

Unless you're setting up a new location, setup should be done after hours or over the weekend. Always work in teams of at least three, given the weight of the rack equipment and the potentially hazardous nature of electrical equipment. Finally, make sure the requisite power, network and peripheral cables are on hand for the big day. Overestimate what you need; you don't want to run out of cables on a weekend, and ending up with extra cords is fine.

Don't Skimp on Power — And Don't Forget Your Landlord

The need to keep power flowing to servers can't be understated, so spend some time to ensure that this is done properly. As noted in our previous piece, it may be worth the expenses to hook the server room to a separate circuit breaker. This should significantly lower the chances of an errant microwave oven tripping up the servers, or of routine electrical upgrades resulting in unexpected downtime.

Don't skimp on your UPS; even if your office has excellent power supplies, localized power failure can happen anywhere. Since practically all businesses in commercial districts rent their offices, businesses that need to set up more than one rack should confirm with the landlord that the power needed to run the racks won't be a problem. (Businesses running mission-critical workloads within their server room should look into setting up an offsite sever room as a backup, too.)

How-to: Improve Disaster Recovery Preparedness

More: The Basics of Business Continuity and Disaster Recovery Planning

Before getting your correct UPS, determine the appropriate power levels for a proper server shutdown when an outage happens. In general, a runtime of 10 to 15 minutes should be sufficient, though you may want to increase this if you run more than a handful of servers or if they cannot be automatically shut down. Most UPS vendors provide runtime charts, but verify the numbers before acquiring any hardware.

Keep in mind that the UPS may not offer enough places to plug in all appliances in the server rack. This isn't a major issue, though, as PDUs can expand the number of power receptacles. If you're low on space, consider "0U" PDUs that take up zero rack spaces by mounting vertically along the side of the rack.

For Remote Control of Server Room, Use Out-of-Band Access

If you run critical workloads, make sure your servers can be remotely accessed via an alternative circuit should the primary Internet link go offline. This is known as out-of-band access. In the past, an analog dial-up line delivered access; today, a 3G or 4G LTE mobile wireless connection, or even a slow but dedicated Internet connection, is a more appropriate option.

Out-of-band access is particularly valuable at supermarkets, retail stores or other locations without a permanent IT presence. Though control over remote servers could be achieved over the same Internet line used in your business, an out-of-band access route offers redundancy and can be more tightly monitored for increased security.

For small businesses, a software agent such as TeamViewer or LogMeIn is the most cost-effective way to remotely access a computer. Hardware appliances, though more expensive, make sense in situations where basic input-output system (BIOS) access is required or where stability is of paramount importance — if, for example, an installation is at a remote location that's particularly difficult for the IT team to access.

Hardware options range from single-server appliance such as the Lantronix Spider to an IP-enabled KVM such as the SMB-centric Raritan Dominion LX KVM-over-IP switch, which can control up to 16 different servers.

Use Keys, Cameras to Keep Your Server Rack Secure

Many talk about the latest social engineering exploits and security vulnerabilities, — and in doing so relegate lock-and-key security to the sidelines. For a start, the server room should be off limits to non-IT staffers. Other basic security measures include keeping the door of the server rack closed and locked and setting a password (with an appropriate time-out) to the KVM console where possible. These simple precautions can go a long way toward stopping unauthorized employees from meddling where they shouldn't.

Tips: How Integrating Physical and Information Security Mitigates Risks

You can bump up security by installing IP cameras to keep an eye on the equipment in your server room. This could range from an online option such as the cloud-based Dropcam HD or an on-premises solution such as Ubiquiti airCam. Considering the value of the IT equipment in your server room, either camera option would be comparatively cheap.

If you're looking for more high-tech options to monitor your server rack, consider a motion sensor or a door sensor. Ubiquiti Networks sells affordable motion sensors that uses both passive infrared and microwave technologies, as well as door sensors that are easily hooked to an IP gateway device. When connected, administrators can create rules using the company's bundled mFi Controller software to automatically trigger events such as switching on the lights or sending out an alert when a motion event is detected after hours.

Final Pointers: Keep Tools, Cables, Fire Extinguishers Nearby

With the server rack properly installed, configured and secured, it's time to prepare for the long haul. If space permits, add a tool cabinet to the server room can facilitate the storage of various spare cables and tools needed for quick troubleshooting or repair. In addition, mounting torchlights in accessible locations will certainly be helpful in the event of a total power outage.

Finally, prepare for the worst and get two fire extinguishers suitable for use on electronic equipment. (That means no water-based extinguishers.) Place one inside the server room for easy accessibility and the second away from the server room, but nearby, should the first be unreachable due to a fire.

Paul Mah is a freelance writer and blogger who lives in Singapore. He has worked in various capacities within the IT industry and enjoys tinkering with tech gadgets, smartphones and networking devices. You can reach Paul at paul@mah.sg and follow him on Twitter at @paulmah.

Follow everything from CIO.com on Twitter @CIOonline, Facebook, Google + and LinkedIn.

To comment on this article and other CIO content, visit us on Facebook, LinkedIn or Twitter.
Download the CIO Nov/Dec 2016 Digital Magazine
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.