[AusNOG] [SPAM] Re: Is CCTV a Necessity in a Data Centre?

Joshua D'Alton joshua at railgun.com.au
Mon Dec 3 15:19:58 EST 2012


Yet some DCs don't have HVAC or generators, and it is perfectly reasonable
they don't. Point 2 of the OP indicates he was after what areas/reasons
there were such that CCTV is/was a necessity, and/or places where it isn't.
Seems doing a case study with only the former and no input re the later
isn't going to be a very complete case study (probably like the ones the
PCI DSS guys do).

On Mon, Dec 3, 2012 at 10:49 AM, Bevan Slattery <bevan at slattery.net.au>wrote:

> Yes - you're right it's an arse cover insurance thing, the same as needing
> a front door, HVAC, generators or a roof.  Sheesh.
>
> [b]
>
> From: Joshua D'Alton <joshua at railgun.com.au>
> Date: Monday, 3 December 2012 9:30 AM
>
> To: "ausnog at lists.ausnog.net" <ausnog at lists.ausnog.net>
> Subject: Re: [AusNOG] [SPAM] Re: Is CCTV a Necessity in a Data Centre?
> Resent-From: Bevan Slattery <bevan.slattery at nextdc.com>
>
> So as alluded to before, it seems to be an Insurance (as in PCI
> ./insurance policies) and/or ass-covering utility. Perhaps not a necessity
> in every DC?
>
> On Mon, Dec 3, 2012 at 10:22 AM, Mark Andrews <marka at isc.org> wrote:
>
>>
>> In message <
>> CAMtDJDKK6Ka3Hgv8Yx+tdo-yFLVGWEiJpt8rhAO_Pk78qRvPpA at mail.gmail.com>,
>> "Joshua D'Alton" writes:
>> >
>> > Given I replied to you originally thinking you were replying privately
>> vs
>> > the list, I think it is obvious that the human element is really key,
>> not
>> > things like CCTV ;P
>> >
>> > Anyway, I'm sure CCTV is essential for things like PCI, to meet the BS
>> red
>> > tape, but with regards to the OP post generally, so far we've only heard
>> > political/red-tape reasons.
>>
>> No.  It is one method of meeting the standard.  The *old* standard
>> only had CCTV.
>>
>> Mark
>>
>> https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf
>>
>> 9.1.1 Use video cameras and/or access control mechanisms to monitor
>> individual physical access to sensitive areas. Review collected
>> data and correlate with other entries. Store for at least three
>> months, unless otherwise restricted by law.  Note: --Sensitive areas||
>> refers to any data center, server room or any area that houses
>> systems that store, process, or transmit cardholder data. This
>> excludes the areas where only point-of-sale terminals are present,
>> such as the cashier areas in a retail
>>
>> --
>> Mark Andrews, ISC
>> 1 Seymour St., Dundas Valley, NSW 2117, Australia
>> PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
>>
>
> _______________________________________________ AusNOG mailing list
> AusNOG at lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20121203/fac24408/attachment.html>


More information about the AusNOG mailing list