1209 Management Server Integrity Protection - The Management Software server elements must be physically secured.


SecureDoc performs an invaluable service by ensuring that data is protected by encryption, and that user access to SecureDoc-protected devices is locked down and governed by permitting only specific users to authenticate at Pre-Boot. There are, however, other risks that any security-conscious organization should be aware of and include in its overall security design.

The Management Software server elements must be physically secured

The elements of a SecureDoc Enterprise Server (SES) implementation can all be hosted on a single server, or may be spread across several servers, depending upon the size and extent of the implementation, the available server equipment and a number of other factors. Commonly, the database is on its own server, though this is not a hard-and-fast rule.

WinMagic recommends that the server devices that host the elements of the SES implementation at the customer site be protected against physical access by:

  • being maintained inside a securely locked and alarmed computer room, ideally one that does not have windows
  • having access points to the server room monitored using tamper-proof video surveillance
  • having each server device protected against being opened through the use of Tamper Labels (see the article on the use of Tamper Labels and physical security of Laptop/Desktop devices; the same rules can be applied to ensure that servers have not been opened or accessed)
  • equipping server racks with cabinet locks, rack locks and case alarms where servers are rack-mounted
  • protecting rack mounting points with tamper labels/seals, to provide proof that rack equipment has not been tampered with or replaced with unsanctioned/foreign equipment.

Where there has been evidence of tampering, or an alarm event has occurred, customers are requested to report the event to their management and security, and to log the incident in a suitable report.
Servers that have been tampered with should be disconnected from the network and physically sequestered in order to perform more in-depth analysis of the nature and extent of the breach.