Information security in general practice

Securing your network and equipment

Protecting and maintaining your physical hardware

        1. Protecting and maintaining your physical hardware

Protecting and maintaining your physical hardware

There are several ways to ensure your practice’s physical hardware is maintained and protected.

Tips for protecting your physical hardware

  • All computers should be kept reasonably dust free, especially over the intakes for the cooling fans.
  • Be familiar with the operating temperature limits of your servers, as overheating is one of the major causes of server failure.
  • Server room temperatures should be regularly monitored, and dedicated air conditioning installed if required. You should consider installing a thermometer in the server room.
  • Take extra precautions over the summer months – run air-conditioning overnight on hot days or install ceiling suction fans.
  • Always follow vendor guidelines, and seek professional advice from your technical service provider.
  • Ensure your technical service provider assesses the ‘computer heartbeat’. This is a signal occurring at regular intervals to indicate a computer is working correctly, or synchronised with other parts of the system. If the heartbeat is not available, an error may have occurred. ​

Create a policy: Hardware maintenance

Your practice policy and procedures should include hardware and physical maintenance.

Your policy should confirm the requirement for:

  • all system maintenance performed by your practice team or technical service provider to be documented
  • regular hardware maintenance to be undertaken. This may include:
    • checking battery life on the UPS
    • preventive maintenance
    • planned upgrades
    • monitoring server room temperatures regularly​

Create a policy: Physical protection

Your practice policy and procedures should include physical network and hardware protection.

Your policy should cover:

  • how all removable computer equipment is secured from theft or damage
  • the physical location of your server to ensure it is secured with limited and controlled access
  • how the server is identified so practice team members know which computer is the server
  • how software disks and backup media are physically protected
  • how computer monitors are positioned in open-access areas to prevent unintentional viewing of information
  • appropriate use of screensavers
  •  your clear screen policy
  • your clear desk policy
  • appropriate paper document management
  • the secure disposal of hardware
  • how to delete all data on devices
  • How and when to perform a routine clean around the back of computers and other equipment
  • Controlling environmental conditions (e.g. extreme heat)