Scribd
Upload
2K views11 pages

Datacenter SOP XYZ Company

This standard operating procedure outlines policies for the XYZ Data Center to ensure efficient and compliant operations. It defines roles and access permissions for authorized staff, vendors, and visitors. Remote access via VPN or SSH requires approval and compliance with security procedures. All hardware, software, and resource installations and allocations require approved work permits. The document also covers emergency contacts, inventory management, staff training, and use of a staging server for testing new systems.

Uploaded by

Umair Ahmed
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
2K views11 pages

Datacenter SOP XYZ Company

This standard operating procedure outlines policies for the XYZ Data Center to ensure efficient and compliant operations. It defines roles and access permissions for authorized staff, vendors, and visitors. Remote access via VPN or SSH requires approval and compliance with security procedures. All hardware, software, and resource installations and allocations require approved work permits. The document also covers emergency contacts, inventory management, staff training, and use of a staging server for testing new systems.

Uploaded by

Umair Ahmed
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 11

XYZ

STANDARD OPERATING PROCEDURE


DATA CENTER
2019
1 Purpose
This Standard Operating Procedure (SOP) will serve as guiding policy document to ensure smooth operations
of XYZ DATA CENTER /Government network services. The objective is to achieve efficiency, quality output
and uniformity of performance, while reducing miscommunication and failure to comply industry
regulations. It will clarify processes by which all current and future stakeholders for XYZ Data Center shall
be mandated to follow and adhere.

2 Scope
This SOP shall apply to all XYZ DATA CENTER staffs, government agencies, contractors, vendors and all the
stakeholders who are availing XYZ DATA CENTER services. This SOP shall also cover all servers, connected to
XYZ DATA CENTER services that is being used to configure and manage service installation remotely.

3 Introduction
XYZ DATA CENTER is a critical national ICT infrastructure, which serve as platform to efficiently and reliably
deliver (Web services, Cloud services, FTP etc.). It is equipped with state-of-art ancillary facilities including
power, cooling, rack space, fire safety and other physical security feature.

4 Role Definition
Authorized Staff/User: Employees who are authorized to gain access to the XYZ DATA CENTER.

Authorized Vendor/: Private contractor who, through contractual arrangement and appropriate approvals,
have access to the XYZ DATA CENTER.
Data Center Staff: XYZ employees who work at the XYZ DATA CENTER.

Visitors: All other personnel who may occasionally visit XYZ DATA CENTER but are not authorized to be in the
XYZ DATA CENTER without escort.

5 Physical Access
Staff/Vendor

Authorizations will only be approved for individual(s) who are responsible for installation
and/or maintenance of equipment housed in the XYZ DATA CENTER. Approval processes are as follows:
Concerned vendor/staff must fill up access authorization form and submit to XYZ system department.
Upon approval, the authorized staff member or vendor shall be issued access permit.
Authorized staff/vendors shall be allowed entrance into the XYZ DATA CENTER area by a Data Center
employee upon producing access permit.
Authorized staff/vendors are responsible for logging in/out when entering/exiting the XYZ DATA CENTER.
The purpose of the visit must be documented.
Visitor
Anyone who is not a XYZ DATA CENTER employee, an authorized staff member, or authorized vendor is
considered a visitor. All visitors to the Data Center must adhere to the following procedures:
Visitors must always be accompanied by either a Data Center employee or other authorized staff member
while in the Data Center.
Visitors must log in/out when entering/exiting the Data Center. The purpose of the visit must be
documented.
All personnel must always wear a visitor identification badge .
Visits should be scheduled through XYZ system department. Unscheduled visits to install equipment or
perform other tasks shall not be entertained.

6 Remote Access
Virtual Private Network (VPN)

Only approved employees and authorized third parties shall be provided VPN clients credentials. Only one
VPN access credentials will be provided.
Authorized employees or third parties must adhere to following requirement:
Fill up request form and submit to XYZ system department.
It is the responsibility of employees/authorized party with VPN privileges to ensure that unauthorized users
are not allowed access to the network.
When actively connected to the corporate network, VPNs will force all traffic to and from the PC over the
VPN tunnel.
Only XYZ DATA CENTER approved VPN clients must be used.
Authorized user shall protect their username and passwords.
All hosts that are connected to internal networks via remote access technologies must use the most up-to-
date anti-virus software.

7 Secure Shell Access


Only approved employees and authorized third parties, vendors shall be provided SSH credentials. Only one
SSH access credentials will be provided.
Authorized employees or third parties must adhere to following requirement:
Fill up the access form and submit to XYZ system department.
It is the responsibility of employees/authorized party with SSH privileges to ensure that unauthorized users
are not allowed access to the network.
Authorized user shall protect their username and passwords.
All hosts that are connected to internal networks via remote access technologies must use the most up-to-
date anti-virus software.

8 Resources
Hardware/Equipment
Hardware/Equipment refers to all devices (servers, firewalls, storage devices, network switches, racks)
installed within the XYZ DATA CENTER designated area. All installation, replacement and removal works shall
be approved by XYZ.
Authorized staff/vendor performing equipment installation must submit a work permit and get approval
before carrying out any of the following tasks.
Installation of new hardware.
Replacement of hardware.
Removal/Decommissioning of defective equipment or expired equipment.

9 Application/Software
Application/Software refers to all proprietary, in-house or outsourced software as well as all open source
software being used to run the services at XYZ DATA CENTER.
The authorized staff/vendor performing installation or configuration works shall submit a work permit form
and get approval before carrying out any of the following tasks:
Installation and configuration.
Upgrades/Updates.
Decommissioning/Uninstallation/Removal.

10 Allocation
Resource refers to all usable network, compute and storage capacities currently available and ready to be
allocated. The concerned agency wishing to avail resources at XYZ DATA CENTER must follow procedures
outline below:
Seek approval from XYZ to host services/application at XYZ DATA CENTER.
Submit resource requirement. application must be accompanied with a comprehensive project document in
case of new application/system/website.
11 Human Resources
Training
Capacity building is key to ensure smooth operation of XYZ DATA CENTER. Technical team shall be provided
trainings in following field.

sr. Category Target Audience

1 Advanced System XYZ DATA CENTER NOC Team

2 Data Center Network & XYZ DATA CENTER NOC Team


Security Administration

3 Application/Database XYZ DATA CENTER NOC Team


12 Emergency Contact
In the event of a staff member availing leave, it should be ensured that there is a backup personal, who can
fulfill all obligations during his/her absence.
Set autoresponder on email along with contact details of person who has been delegated the task.

13 Inventory Management
An inventory of all hardware/software/application shall be maintained.
Hardware
An up-to-date list of hardware component in XYZ DATA CENTER shall be maintained.
Software Library
An up-to-date list of applications hosted in XYZ DATA CENTER shall be maintained
Service/Applications Catalogue
A list of software licenses/versions, Operating Systems and other critical software shall be maintained.

14 Configuration and Testing


XYZ system department shall provide a staging server where new software/applications shall be temporarily
hosted for testing before going into production environment.
All configuration and testing of hardware/software shall be carried out in the staging server.
Staging server will be a temporary provision until the end of testing phase. After completion of tests, all
resource shall be held back, and all configurations shall be erased.

You might also like