INFORMATION SECURITY ARCHITECTURE a. This section III.6 applies to the extent that Contractor Group owns, supports, or is otherwise responsible for host(s), network(s), environment(s), or the Work involves services wherein Contractor has care, custody, or control of University Data. For avoidance of doubt, this section shall apply when Contractor Group provides cloud-hosted infrastructure, platform, or application as a service.
INFORMATION SECURITY ARCHITECTURE a. This section III.6 applies to the extent that Vendor Group owns, supports, or is otherwise responsible for host(s), network(s), environment(s), or technology products (including hardware or software) which may contain University Data.
INFORMATION SECURITY ARCHITECTURE. Castellan maintains information security architecture for the information systems that includes an architectural description, the placement/allocation of security functionality (including security controls), security-related information for external interfaces, information being exchanged across the interfaces, and the protection mechanisms associated with each interface. The information security architecture is reviewed and updated regularly to reflect updates in the enterprise architecture, external impacts, and industry practices. These changes are reflected in the security plan, the security Concept of Operations (CONOPS), and organizational procurements/acquisitions.
