Entry controls. The Contractor shall prevent unauthorised persons from using IT systems. This shall be done by: ● password procedures (special characters, minimum length, regular change) ● clear assignment of accounts to users, no generic accounts (e.g. Trainee 1, Warehouse, User) ● blocking of the user accounts after several failed login attempts ● use of firewalls/virus scanner ● regular control of the validity of permissions (user accounts) ● secure transmission of authentication secrets (credentials) in the network using TLS/HTTPS, SSH, VPN (IPSec, SSL VPN)
Appears in 4 contracts
Samples: Data Processing Agreement, Data Processing Agreement, Data Processing Agreement