Cybersecurity Training A. Contractor represents and warrants that it will comply with the requirements of Section 2054.5192 of the Texas Government Code relating to cybersecurity training and required verification of completion of the training program. B. Contractor represents and warrants that if Contractor or Subcontractors, officers, or employees of Contractor have access to any state computer system or database, the Contractor, Subcontractors, officers, and employees of Contractor shall complete cybersecurity training pursuant to and in accordance with Government Code, Section 2054.5192.
Physical Security Contractor shall ensure that Medi-Cal PII is used and stored in an area that is physically safe from access by unauthorized persons during working hours and non- working hours. Contractor agrees to safeguard Medi-Cal PII from loss, theft or inadvertent disclosure and, therefore, agrees to: A. Secure all areas of Contractor facilities where personnel assist in the administration of the Medi-Cal program and use or disclose Medi-Cal PII. The Contractor shall ensure that these secure areas are only accessed by authorized individuals with properly coded key cards, authorized door keys or access authorization; and access to premises is by official identification. B. Ensure that there are security guards or a monitored alarm system with or without security cameras 24 hours a day, 7 days a week at Contractor facilities and leased facilities where a large volume of Medi-Cal PII is stored. C. Issue Contractor personnel who assist in the administration of the Medi-Cal program identification badges and require County Workers to wear the identification badges at facilities where Medi-Cal PII is stored or used. D. Store paper records with Medi-Cal PII in locked spaces, such as locked file cabinets, locked file rooms, locked desks or locked offices in facilities which are multi-use (meaning that there are personnel other than contractor personnel using common areas that are not securely segregated from each other.) The contractor shall have policies which indicate that Contractor and their personnel are not to leave records with Medi-Cal PII unattended at any time in vehicles or airplanes and not to check such records in baggage on commercial airlines. E. Use all reasonable measures to prevent non-authorized personnel and visitors from having access to, control of, or viewing Medi-Cal PII.
Contractor Security Clearance Customers may designate certain duties and/or positions as positions of “special trust” because they involve special trust responsibilities, are located in sensitive locations, or have key capabilities with access to sensitive or confidential information. The designation of a special trust position or duties is at the sole discretion of the Customer. Contractor or Contractor’s employees and Staff who, in the performance of this Contract, will be assigned to work in positions determined by the Customer to be positions of special trust, may be required to submit to background screening and be approved by the Customer to work on this Contract.
Physical Security of Media DST shall implement controls, consistent with applicable prevailing industry practices and standards, that are designed to deter the unauthorized viewing, copying, alteration or removal of any media containing Fund Data. Removable media on which Fund Data is Schedule 10.2 p.3 stored by DST (including thumb drives, CDs, and DVDs, and PDAS) will be encrypted based on DST encryption policies.
Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.
Registry Interoperability and Continuity Registry Operator shall comply with the Registry Interoperability and Continuity Specifications as set forth in Specification 6 attached hereto (“Specification 6”).
Physical and Environmental Security DST shall: (i) restrict entry to DST’s area(s) where Fund Confidential Information is stored, accessed, or processed solely to DST’s personnel or DST authorized third party service providers for such access; and (ii) implement commercially reasonable practices for infrastructure systems, including fire extinguishing, cooling, and power, emergency systems and employee safety.
NIST Cybersecurity Framework The U.S. Department of Commerce National Institute for Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity Version 1.1.
ODUF Physical File Characteristics 6.2.1 ODUF will be distributed to TWTC via Secure File Transfer Protocol (FTP). The ODUF feed will be a variable block format. The data on the ODUF feed will be in a non-compacted EMI format (175 byte format plus modules). It will be created on a daily basis Monday through Friday except holidays. Details such as dataset name and delivery schedule will be addressed during negotiations of the distribution medium. There will be a maximum of one dataset per workday per OCN. If AT&T determines the Secure FTP Mailbox is nearing capacity levels, AT&T may move the customer to CONNECT: Direct file delivery. 6.2.2 If the customer is moved, CONNECT: Direct data circuits (private line or dial-up) will be required between AT&T and TWTC for the purpose of data transmission. Where a dedicated line is required, TWTC will be responsible for ordering the circuit, overseeing its installation and coordinating the installation with AT&T. TWTC will also be responsible for any charges associated with this line. Equipment required on the AT&T end to attach the line to the mainframe computer and to transmit messages successfully on an ongoing basis will be negotiated on an individual case basis. Any costs incurred for such equipment will be TWTC's responsibility. Where a dial-up facility is required, dial circuits will be installed in the AT&T data center by AT&T and the associated charges assessed to TWTC. Additionally, all message toll charges associated with the use of the dial circuit by TWTC will be the responsibility of TWTC. Associated equipment on the AT&T end, including a modem, will be negotiated on an individual case basis between the Parties. All equipment, including modems and software, that is required on TWTC end for the purpose of data transmission will be the responsibility of TWTC. 6.2.3 If TWTC utilizes FTP for data file transmission, purchase of the FTP software will be the responsibility of TWTC.
Placement of DNS probes Probes for measuring DNS parameters shall be placed as near as possible to the DNS resolvers on the networks with the most users across the different geographic regions; care shall be taken not to deploy probes behind high propagation-‐delay links, such as satellite links.