Yesterday I was running new cable for a rather large doctor's office that just expanded their offices some more - I also installed some POE Wireless Access Points, and other garbage, but that doesn't matter. Naturally the servers were very important, contained massive amounts of patient information. Each server was on a UPS, had redundant everything, and the office manager told me that each server set them back about $15K.
I said "I guess that's why these walls are so thick". She laughed and said "yes". The walls around the server room were about 2 1/2FT (0.7m) thick concrete, and she told me that the floors and ceiling were too. They also had this giant metal door with a deadbolt that locked on all four sides of the door. I was pretty impressed and everything (I've seen better, but this isn't bad for a doctor's office) until I started running my initial wires. I was in the server room punching down into the patch panel when a printer on one of the racks started printing, "that was weird", I thought, but then thought "well, maybe it prints out some kind of log or something."
Then a woman came in and got the paper out of the printer and left. About 2 minutes later the same thing happened again, and again, and all day long I saw people going into the server room to receive paper. I asked the office manager what was going on and she told me that "the reports printer is very important, so we keep it in the server room." I then had to ask "So, the server room stays open all the time, to all employees?" she replied "Well, of course." There goes your security.
After going back to the server room, I looked at the printer and it was a regular network printer, some kind of HP laserjet garbage that was around 10 years old - I didn't write down the model to share, unfortunately. Anyway I told the office manager that she should really reconsider and put that printer anywhere else in the building. I pointed out that if you wanted to keep the printer secure, giving all employees access to it in the first place made it a really WTF situation - and it being in the server room made it worse at least 10 fold.
She wouldn't budge from her security position. And after hooking up some new machines for the new wires I ran, I got a chance to talk to other employees who thought it didn't make sense either, and also told me several times if a server was beeping or making a weird sound, several different employees thought it urgent to completely unplug the server - in one case a janitor took a server off the rack and tried to "fix" it and ended up shorting a bunch of stuff out.
After discussing this with the office manager again, she again stood on her stance it was more secure. I spoke to the head doctor who actually owned the building and he didn't even know it was in the server room, and he then got into a huge argument with the office manager and even he pointed out her severe stupidity and illogical thinking. In the end he decided to go with what the office manager was saying; I gave him too much credit - I guess so he didn't have to deal with her.
Before leaving I said "When you're ready to move that printer, I'll come do it for you." She didn't say anything, just cut my check. I have to say their stupidity goes over financially as well; for about 6 hours of total work, I made about $250 US an hour.