Equipment should be protected from power failures and other disruptions that may be caused by failures in supporting utilities.

Organizations should take the necessary steps to help ensure the potential operational impact associated with supporting utility failures is limited.

The clear risk associated with not addressing supporting utility controls is the potential unplanned outages that affect business operations. Supporting utilities is the focus of pitfall #44 in my eBook, Security Program Pitfalls and Prescription to Avoid Them.

All supporting utilities, such as electricity, natural gas, water supplies, sewage, and heating ventilation and air conditioning (HVAC), should be adequate for the systems, as well as personnel, they are supporting. Supporting utilities also need to be able to support any new infrastructure devices or other new equipment planned for implementation as your organization grows.

A suitable electrical supply should be provided that meets power requirements defined by equipment manufacturers. An uninterruptible power supply (UPS) should be implemented to support the orderly shutdown for equipment that supports critical business operations. UPS devices and generators should be regularly checked to ensure they have adequate capacity. Testing of these devices should be performed in accordance with the recommendations of the respective manufacturer or vendor.

Emergency lighting should be installed and regularly tested to ensure it is operating correctly in case of a power failure. Emergency lighting should cover all emergency exits and planned evacuation routes within each of your organization’s facilities.

Emergency power-off switches should be located near emergency exits in data centers and equipment rooms to facilitate a rapid power down in case of an emergency. These devices should be maintained, prominently marked, and protected from accidental activation.

To learn more about this pitfall, and 99 more, get my book: 100 Security Program Pitfalls and Prescriptions to Avoid Them (available on Amazon here). Or register for a demo of the ASCENT Security and Compliance Portal and get a free synopsis of the 100 Security Program Pitfalls eBook today.