Final answer:
The company was practicing poor security measures by keeping a server in an unlocked room, which is against typical information security protocols.
Step-by-step explanation:
The fact that the server has been in an unlocked room marked "Room 1" for the last few years means the company was practicing poor security measures. Proper information security protocols generally require that critical hardware, like servers, be secured in a locked room with restricted access to prevent unauthorized entry and potential data breaches. The presence of the server in an unlocked room indicates a lack of adherence to these protocols and increases the risk of both physical and digital threats to the company's sensitive data.