To protect data against disaster, multiple servers should be placed at various locations, so that each server can absorb critical workloads. Another way to protect data is to copy critical files and store one or more copies at locations away from the server. Although physical security can play an important part in disaster recovery, it more broadly encompasses physically protecting the LAN and its resources from misuse. Controlling who has physical access to LAN resources is the key to physical security. Restricting who can upload programs and copy data is another physical security measure. Diskless workstations prevent users from loading unauthorized software from disk. Developing procedures to control what programs get used on the LAN is a key component of data security. Once the procedures are in place, access controls can be the means of enforcement. To cover flaws in security, there must be multiple layers of defenses supported by audits.