G 0.4 — Contamination, Dust, Corrosion

A server has stood for two years in a room it shares with the copier and a fax machine. First, fine toner dust blocks the processor fan — sporadic crashes result. Weeks later the power-supply fan also fails. The PSU overheats, a short circuit follows. Total failure. The cause: dust that accumulated unnoticed over months.

Contamination, dust and corrosion act gradually. The damage is rarely attributed to a single cause because it builds up over weeks and months. The BSI lists this threat as G 0.4 — and it affects far more devices than the obvious servers and storage systems.

What’s behind it?

Modern IT equipment contains mechanically moving components alongside electronics: hard drives, fans, optical drives, printers. As precision increases, these components become more susceptible to contamination. Even minor dust deposits can trigger a chain reaction: blocked fan → heat build-up → emergency shutdown → failure.

Sources of contamination

Construction work — Drilling, chiselling, grinding of walls and raised floors produces fine dust that enters IT equipment through ventilation slots. A single drill hole in the wall next to a server is enough.
Toner and paper dust — Printers and copiers near servers generate fine particles that deposit on circuit boards and in fans.
Packaging material — Unpacking hardware stirs up polystyrene particles that attach electrostatically to components.
Ambient air — In production environments, near busy roads or close to agriculture, the baseline air load is considerably higher than in office environments.

Corrosion attacks housings, contacts and circuit traces. It is accelerated by humidity (interaction with G 0.2 and G 0.3) and aggressive gases. A corroded contact on a connector can cause intermittent failures that are extremely hard to diagnose. Corroded pipes can also lead to water leakage and thus trigger threat G 0.3.

Impact

Most IT equipment has safety circuitry that shuts the device down on overheating. That limits hardware damage, but means the device is unavailable. The real economic damage comes from the outage — a server that shuts down because of a blocked fan can cause as much damage as a destroyed server.

Practical examples

Drilling dust in the power supply. Facilities staff drill holes into an office wall to mount a notice board. The employee has briefly left the room. The PC sits directly next to the drilling site. Drilling dust enters the power supply through the ventilation slots. On return, the PC no longer works — the PSU has suffered a short circuit.

Creeping fan failure. In a small data centre the AC dust filters and server fans are not cleaned regularly. Over 18 months layers of dust settle on the cooling fins. The fans run progressively louder and at higher speeds until bearing damage finally occurs. Automatic emergency shutdown prevents hardware damage, but the affected server is down for two days until the spare part arrives.

Corrosion on connectors. In a building near the coast the contacts of network cables on the patch panels corrode. The result: intermittent connection losses that are misdiagnosed as software issues for weeks. Only a systematic hardware check reveals the greenish-tinted contacts.

Relevant controls

The following ISO 27001 controls mitigate this threat. (You’ll find the complete list of 8 mapped controls below in the section ‘ISO 27001 Controls Covering This Threat’.)

Prevention:

A.7.5 — Protecting against physical and environmental threats: Protective measures against contamination, dust and corrosion in IT environments.
A.7.8 — Equipment siting and protection: Locate IT hardware in suitable, clean rooms — separated from dust sources.
A.7.11 — Supporting utilities: Maintenance of air-conditioning and ventilation systems, including filter cleaning.
A.7.9 — Security of assets off-premises: Protection requirements for IT equipment in harsh environments.

Detection:

A.7.10 — Storage media: Regular inspection of storage conditions for media — contamination and corrosion.
A.8.1 — User endpoint devices: Visual inspection and cleaning of workstation equipment.

Response:

A.5.14 — Information transfer: Documented procedures for when contamination-related failures interrupt the information flow.

BSI IT-Grundschutz

G 0.4 is linked in the BSI IT-Grundschutz catalogue to the following modules:

INF.5 (Room and cabinet for technical infrastructure) — Requirements for cleanliness, dust protection and environmental conditions in technical rooms.
INF.1 (General building) — Baseline structural protective measures against contamination and corrosion.
SYS.4.5 (Removable media) — Storage conditions for sensitive storage media.
OPS.1.2.2 (Archiving) — Protection of archived data and media from environmental influences.

Sources

BSI: The State of IT Security in Germany — Annual report with current threat statistics
BSI IT-Grundschutz: Elementary Threats, G 0.4 — Original description of the elementary threat
ISO/IEC 27002:2022 Section 7.8 — Implementation guidance on equipment siting and protection

Frequently asked questions

Why is dust dangerous for servers?

Dust settles on cooling fins, in fans and on circuit boards. Cooling performance drops, fans run at maximum speed and wear out faster, and heat build-up can occur. In the worst case, overheating causes automatic emergency shutdowns or irreversible hardware damage.

How do I protect servers from dust during construction work?

Before construction work near IT rooms: erect dust barriers, switch the air conditioning to recirculation mode (no fresh-air intake), cover IT equipment where possible. After the work: thorough cleaning including the raised floor, and replace the AC filters.

How often should server rooms be professionally cleaned?

At least once a year a professional cleaning is advisable; under high dust loads (e.g. production environment, nearby construction site) more often. Raised floors, cable ducts and AC filters are included. Between professional cleanings, a monthly visual inspection should take place.