Cryptographic controls Sample Clauses

Cryptographic controls i. Contractor has a cryptographic controls policy in place that is documented, has obtained management approval, is reviewed no less frequently than annually and is maintained to ensure its continuing suitability, adequacy and effectiveness.
AutoNDA by SimpleDocs
Cryptographic controls. The Contractor should put in place an appropriate policy on the use of encryption, plus cryptographic authentication and integrity controls such as digital signatures and message authentication codes, and cryptographic key management.
Cryptographic controls i. Contractor has a cryptographic controls policy in place that is documented, has obtained management approval, is reviewed no less frequently than annually and is maintained to ensure its continuing suitability, adequacy and effectiveness. Security of system files Contractor has procedures in place to control the installation of software on operational systems; Contractor selects test data carefully, and the test data is protected and controlled; and Contractor restricts access to program source code. Security in development and support processes Contractor has implemented procedures to maintain the security of application system software and information; Contractor utilizes formal change control procedures to implement changes; and Contractor supervises and monitors outsourced software development. Technical Vulnerability Management Contractor documents the technical vulnerabilities, the exposure evaluated, and the appropriate measures taken to address the associated risk.
Cryptographic controls. 10.1.1 Policy on the use of cryptographic controls Defined in the Eight Technology Information Security Policy
Cryptographic controls. Data importer shall follow a documented policy on the use of cryptographic controls. Data importer’s cryptographic controls shall:
Cryptographic controls. Iron Mountain shall follow a documented policy on the use of cryptographic controls. Iron Mountain’s cryptographic controls shall:
Cryptographic controls. The Consultant should put in place an appropriate policy on the use of encryption, plus cryptographic authentication and integrity controls such as digital signatures and message authentication codes, and cryptographic key management.
AutoNDA by SimpleDocs
Cryptographic controls i. Upon award and not later than six months following execution of the Contract, Contractor will create a cryptographic controls policy in place that is documented, has obtained management approval, is reviewed no less frequently than annually and is maintained to ensure its continuing suitability, adequacy and effectiveness.
Cryptographic controls. ● Cryptographic keys must be in line with industry best practice (minimum 256 bits for symmetric keys and 2048 bits for Asymmetric keys) ● Cryptographic keys must be protected against modification and loss ● Minimum standards must be defined for ciphers, protocols and hashing algorithms ● A recognised library must be used for cryptography algorithms ● Private keys must be transferred securely between components (minimum of AES 256)

Related to Cryptographic controls

  • Security Controls Annually, upon Fund’s reasonable request, DST shall provide Fund’s Chief Information Security Officer or his or her designee with a summary of its corporate information security policy and an opportunity to discuss DST’s information security measures, and a high level and non-confidential summary of any penetration testing related to the provision of in-scope services . DST shall review its Security Policy annually.

  • Access Controls The system providing access to PHI COUNTY discloses to 20 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY 21 must use role based access controls for all user authentications, enforcing the principle of least privilege.

  • Expansive Controls Where the capability exists, originating or terminating traffic reroutes may be implemented by either Party to temporarily relieve network congestion due to facility failures or abnormal calling patterns. Reroutes will not be used to circumvent normal trunk servicing. Expansive controls will only be used when mutually agreed to by the Parties.

  • Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.

  • Audit Controls a. System Security Review. CONTRACTOR must ensure audit control mechanisms that record and examine system activity are in place. All systems processing and/or storing PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY must have at least an annual system risk assessment/security review which provides assurance that administrative, physical, and technical controls are functioning effectively and providing adequate levels of protection. Reviews should include vulnerability scanning tools.

  • Data Encryption Contractor must encrypt all State data at rest and in transit, in compliance with FIPS Publication 140-2 or applicable law, regulation or rule, whichever is a higher standard. All encryption keys must be unique to State data. Contractor will secure and protect all encryption keys to State data. Encryption keys to State data will only be accessed by Contractor as necessary for performance of this Contract.

  • Personnel Controls The County Department/Agency agrees to advise County Workers who have access to Pll, of the confidentiality of the information, the safeguards required to protect the information, and the civil and criminal sanctions for non- compliance contained in applicable federal and state laws. For that purpose, the County Department/Agency shall implement the following personnel controls:

  • Controls Each party will maintain commercially reasonable administrative, technical, and physical controls designed to protect data in its possession or under its control from unauthorised access, accidental loss and unauthorised modification. You are responsible for implementing administrative, technical, and physical controls that are appropriate for your business.

  • Encryption The Fund acknowledges and agrees that encryption may not be available for every communication through the System, or for all data. The Fund agrees that Custodian may deactivate any encryption features at any time, without notice or liability to the Fund, for the purpose of maintaining, repairing or troubleshooting the System or the Software.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!