Common use of Asset Classification and Logical Access Control Clause in Contracts

Asset Classification and Logical Access Control. Braze maintains an inventory of essential information assets such as servers, databases, and information. All Customer Data is classified as Confidential by Xxxxx. Braze adopts the principle of least privilege for all accounts running application or database services, as well as with its own staff. For example, Customer Success Managers only have access to the regions for which they are directly responsible. Braze maintains separate development, staging (or sandbox), user acceptance testing, and production environments access to each environment and within each environment is strictly controlled. Access to Braze’s servers is controlled via revocable SSH keys managed via configuration management and rotated at least annually. All access to Braze’s servers or Customer Data is logged and can only be accessed through Braze’s VPN, which uses multi-factor authentication. Database access is controlled via 32 and 64-character passwords with IP whitelisting. Xxxxx’s HR onboarding and off-boarding processes handle provisioning and de-provisioning of accounts and access.

Asset Classification and Logical Access Control. Braze maintains an inventory of essential information assets such as servers, databases, and information. All Customer Data is classified as Confidential by XxxxxBraze. Braze adopts the principle of least privilege for all accounts running application or database services, as well as with its own staff. For example, Customer Success Managers only have access to the regions for which they are directly responsible. Braze maintains separate development, staging (or sandbox), user acceptance testing, and production environments access to each environment and within each environment is strictly controlled. Access to Braze’s servers is are controlled via revocable SSH keys managed via configuration management and rotated at least annually. All access to Braze’s servers or Customer Data is logged and can only be accessed through Braze’s VPN, which uses multi-factor authentication. Database access is controlled via 32 and 64-character passwords with IP whitelisting. XxxxxBraze’s HR onboarding and off-boarding processes handle provisioning and de-provisioning of accounts and access.