Logging. The ISP will require the maintenance of network and application logs as part of BNY Mellon’s security information and event management processes. Logs are retained in accordance with law applicable to BNY Mellon’s provision of the services as well as BNY Mellon’s applicable policies. BNY Mellon uses various tools in conjunction with such logs, which may include behavioral analytics, security monitoring case management, network traffic monitoring and analysis, IP address management and full packet capture.
Logging. (a) compressed schedules consisting of 10 hours per day, 4 days per week
Logging. The ISP will require the maintenance of network and application logs as part of BNYM’s security information and event management processes. Logs are retained in accordance with law applicable to BNYM’s provision of the Services as well as BNYM’s applicable policies. BNYM uses various tools in conjunction with such logs, which may include behavioral analytics, security monitoring case management, network traffic monitoring and analysis, IP address management and full packet capture.
Logging. Al network traffic and all server logs are monitored and logged. The following activities are logged in systems, databases and networks: • All access attempts • All searches and • Activities carried out by system administrators and others with special rights • Security incidents including (i) deactivation of logging, (ii) changes to system rights and (iii) failed log-on attempts The Supplier does not work with shared log-ins. Therefore, it will always be possible to identify which employee performed a specific activity. The relevant log files are stored and protected against manipulation and technical errors. The log files are continuously reviewed to ensure normal operation and to examine unintended incidents. Anti-virus and firewalls All external access to systems and databases where processing of personal data takes places, is filtered through a secure firewall with a restrictive protocol. A port and IP address filtration has been implemented to ensure limited access to ports and specific IP addresses. Anti-virus software and Intrusion Prevention System (IPS) have been installed on all systems and databases where processing of personal data take place, to protect against hostile attacks. The anti- virus software is continuously updated. Protection against XSS and SQL injections is implemented in all services. The internal network of the Supplier can only be accessed by authorized persons.
Logging. 13.1. The PEPPOL SMP Provider shall log all registration, editing or deleting of entries in the PEPPOL SMP. Such log shall be kept for at least 3 months or for the period prescribed by law.
Logging. 4.4.1 All User – and particularly privileged (admin) user activity – carried out by our staff on systems and servers is logged.
Logging. All employee logins are logged within the Supplier’s Microsoft Azure Active Directory tenant.
Logging. Logging facilitates bushmeat hunting by the construction of roads that connect isolated forests to urban centers, by creating new demand for bushmeat by workers and dependents, and by providing new transport opportunities in company vehicles. Measures: • Extend partnerships between protected areas and logging companies working in buffer zones; • Provide strict control of access routes to prevent commercial bushmeat hunting; • Provide alternative sources of protein to work force and dependents. • Include obligation to enforce wildlife protection laws in regional certification schemes for sustainable logging; • Conduct further research on impact of logging on apes over medium-long time span.
Logging. Iris AI uses IIS Logs for searching and archiving logs. All HTTP requests, SQL queries taking longer than expected and executed worker tasks are logged. The logged data for HTTP requests may include: ● user IP address ● time when the request was made ● execution duration ● size of the request content in bytes ● URL of the requested page ● HTTP status code of the response For all HTTP POST requests an additional log entry is created that may contain: ● user ID (if user is logged in) ● all POST data excluding passwords and other sensitive information Each database query taking longer than expected is logged with the following information: ● time when the query was executed ● query execution duration ● SQL statement All errors are logged using Windows Event Logging. Each logged error contains the following information: ● time when the error occurred ● full error stack trace ● HTTP request details ● user who made the request (if any) ● IP address where the HTTP request originated from The logs are archived for 1 year. Windows Events error logging service does correlation analysis on logged error messages. It groups similar errors together and prioritizes the errors based on their occurrence. All user activity which affects database is also stored in separate database version history. The ver- sion history can be used for checking which user was responsible for a certain change. Log inspection and alerts Iris AI has several alerts set up for our logs for certain unwanted scenarios. In some cases, these alerts also execute mitigating actions (for example, if a user has too many failed login attempts, the system will temporarily block succeeding attempts). Availability DDos attacks The following quotation from Iris AI Security documentation describes how to mitigate DDoS attacks: Our infrastructure provides DDoS mitigation techniques including TCP Syn cookies and connection rate limiting in addition to maintaining multiple backbone connections and internal bandwidth ca- pacity that exceeds the Internet carrier supplied bandwidth. We work closely with our providers to quickly respond to events and enable advanced DDoS mitigation controls when needed. In addition, Slowloris based DDoS attacks are mitigated with strict timeouts to keep connections open no longer than necessary and to reduce resource usage. Disaster recovery plan (DRP) Our platform automatically restores customer applications and SQL databases in the case of an outage. The Iris AI platform is designe...
Logging. We log activity on our system. Some of these logs are available to you in the Tapestry Control Panel. We retain more detailed logs to help diagnose and fix faults. Verification (also known as Penetration Testing) We employ independent firms to check that our systems are secure by attempting to hack or penetrate them. These firms are accredited by the relevant industry bodies. The penetration tests cover both the web and the app versions of Tapestry. The penetration tests include authenticated tests, where the testers are provided with login details to Tapestry accounts to check whether they can exploit those to see or extract data that should not be visible. If you have a legitimate interest in Tapestry (e.g., you are the account owner, a prospective customer or a parent) we are happy to provide a summary of what the independent testers found – please contact us at xxxxxxxx.xxxxxxx@xxxx.xxxx. Please also get in touch if you want to find out when the last test took place or the next test is scheduled. We also regularly run automated security tests and carry out internal security reviews.
