Written by Nate Josephs

Sr. Systems Engineer/Data Center Manager
In the previous article, I discussed the importance of implementing all three documents (policies, processes, and procedures) to minimize risk in the data center.  I further discussed that policies differ from processes and procedures as policies are guidelines and rules based on expected outcomes versus instructions on how to perform work.  In this article, I will explain how to create effective policies for your data center.

To create useful policies for data centers, data center managers need to start by engaging leadership, internal/external customers, and all other key stakeholders to define what is expected of the data center.  Stakeholders’ expectations may include satisfying regulatory compliance requirements along with their expectations regarding uptime.  These expectations will vary.  One organization such as a bank, or 24/7 e-commerce company may expect 100% uptime all the time while meeting very stringent security and compliance requirements relating to financial transactions.  In contrast, a company providing onsite consulting services 8am-5pm on weekdays may have much lower expectations and can tolerate an occasional server room outage.

The following are a few examples of items often included in data center policies:

  • Training – All technicians and vendors must complete data center training provided as by the data center manager prior to performing any work in the data center
  • Service Tickets – Technicians must obtain an approved service request ticket prior to making any changes within the data center
  • Opening Raised Floor Tiles
    • A maximum of 3 floor tiles may be opened at one time to prevent loss of cold air pressure in the floor plenum
    • Cones must be placed around all open tiles
    • Tiles must be placed in original locations immediately after work is complete
  • No Liquids, Food, Cardboard and Empty Plastic Bags area allowed in the data center
    • Food and liquids can cause short circuits, damage IT equipment, set off leak detection
    • Cardboard is a fire hazard and creates unwanted dust
    • Empty plastic bags and empty antistatic bags can block airflow causing IT equipment to overheat
  • Cleaning
    • Perform all work outside the data center that creates dust or metal shavings such as cutting and drilling
    • HEPA vacuum and wipe down (including wheels) before moving new server cabinets into the data center
    • Buckets containing water and cleaning solutions must remain outside the data center

The above policy examples are effective because they are written in clear/concise language and avoid any extraneous “how to” details.  These policies are also practical because although they mention specific departments, or job titles, they avoid using actual names.  As people change roles, leave the organization, transfer to other departments, or get promoted, this churn would cause policies to become outdated quickly if actual names were included.

As mentioned, policies are guidelines and rules that define expected outcomes versus explaining how to actually perform tasks.  To create effective policies, engage leadership, customers and key stakeholders to determine what is expected of the data center.  Expectations should include compliance requirements and risk tolerance level for data center outages.  In the next article, I will discuss how to create effective processes.


Be sure to check back here soon for the next installment in our series of Policies vs Processes vs Procedures .