Infrastructure Security Sample Clauses

Infrastructure Security. The 4me Infrastructure will be electronically accessible to 4me staff, contractors and any other person as necessary to provide the Services. 4me will maintain access controls and policies to manage what access is allowed to the 4me Infrastructure from each network connection and user, including the use of firewalls or functionally equivalent technology and authentication controls. 4me will maintain corrective action and incident response plans to respond to potential security threats.
AutoNDA by SimpleDocs
Infrastructure Security. Processor personnel are required to follow security policies that define access privileges and control for the transmission, processing, and storing of sensitive data. Processor conducts annual risk assessments on system and networking components which include systems, data, computers, personal devices, applications, facilities, connections, individuals, documentation, and electronic media, where confidential, sensitive data is present. Personnel are required to execute an Information Security policy and must acknowledge receipt of, and compliance with, Processor’s security policies.
Infrastructure Security. 5.4.1 The Service Provider shall comply with the provisions of schedule 6 (Security Policy) in respect of infrastructure security.
Infrastructure Security. 6.1 The Service Provider shall ensure that all networks used by the Service Provider in the provision of the service are secure and protected from unauthorised access. 6.2 The Service Provider shall ensure that any Confidential Information and any Personal Data transmitted over public networks is encrypted and transmitted Schedule 6Security Policy 6.3 The Service Provider shall ensure that all transfers of data are secure including but not limited to those using removable media. 6.4 The Service Provider shall inform TfL within twenty-four (24) hours of identifying a Security Incident from time to time. Schedule 6 – Security Policy ANNEX A INITIAL SECURITY PLAN It is recognised that as this Annex has been prepared by the Service Provider, there may be some apparent conflict or inconsistency between the terms of this Annex and the other terms of the Agreement. In the event of any such conflict or inconsistency, the other terms of the Agreement shall take precedence in the order set out in Clause 1.5 of the Agreement (save that, for the avoidance of doubt, this Annex and the Annexes to Schedule 8 shall have the lowest order of precedence in relation to all of the annexes and appendices in this Agreement).
Infrastructure Security. Consultant will install and maintain anti-virus software, apply all system patches and updates provided from primary vendors for operating systems, middleware, and hardware and, to the extent possible, use real time protection features. Consultant will not introduce any viruses, time or logic bombs, Trojan horses, worms, timers, clocks, trap doors, or other computer instructions, devices, or techniques that erase data or programming, infect, disrupt, damage, disable, or shut down Board’s system or any component of Board’s system, including, without limitation, its security or data. In the event a virus or similar issue is found to have been introduced into Board’s system by Consultant, Consultant will, at its sole expense: (a) use commercially reasonable efforts to correct, reduce or eliminate the effects of the virus or similar issues affecting the Board’s system; and (b) if the virus or similar issue causes a loss of operational efficiency or loss of data, mitigate, restore and reimburse the Board for all such losses; and (c) cooperate with the Board or other impacted party in all ongoing, reasonable, and lawful efforts to mitigate or rectify such Security Incident or Data Breach including complying with applicable breach notification laws. (Consultant liability hereunder is limited as provided in 10.2 below.)
Infrastructure Security. Consultant will install and maintain anti-virus software, apply all system patches and updates provided from primary vendors for operating systems, middleware, and hardware and, to the extent possible, use real time protection features. Consultant will not introduce any viruses, time or logic bombs, Trojan horses, worms, timers, clocks, trap doors, or other computer instructions, devices, or techniques that erase data or programming, infect, disrupt, damage, disable, or shut down Board’s system or any component of Board’s system, including, without limitation, its security or data. In the event a virus or similar issue is found to have been introduced into Board’s system by Consultant, Consultant will, at its sole expense: (a) use commercially reasonable efforts to correct, reduce or eliminate the effects of the virus or similar issues affecting the Board’s system; and (b) if the virus or similar issue causes a loss of operational efficiency or loss of data, mitigate, restore and reimburse the Board for all such losses; and (c) cooperate with the Board or other impacted party in all ongoing, reasonable, and lawful efforts to mitigate or rectify such Security Incident or Data Breach including complying with applicable breach notification laws. (Consultant liability hereunder is limited as provided in 10.2 below.) Any officer, employee, contractor or agent of the Consultant who knowingly or willfully discloses Board Data in a manner that is not authorized or falsifies, conceals, or covers up by any trick, scheme, or device a material fact, makes any materially false, fictitious, or fraudulent statement or representation, or makes or uses any false writing or document to obtain Board Data, will be subject to appropriate sanctions including referral for criminal prosecution. The Consultant will also investigate and, as necessary, impose sanctions on its employees and agents for such actions.
Infrastructure Security. Interconnection Customer shall comply with the requirements for infrastructure and operational security of the R-Line Upgrade Project.
AutoNDA by SimpleDocs
Infrastructure Security. Interconnection Customer shall comply with the requirements for infrastructure and operational security of the S-Line Upgrade Project implemented pursuant to the CAISO Tariff, including the CAISO’s standards for information security posted on the CAISO’s internet web site at the following internet address: xxxxx://xxx.xxxxx.xxx/pubinfo/info- security/index.html and Applicable Reliability Standards.
Infrastructure Security. Supplier uses G Suite and Google Cloud Platform (GCP) to host the Supplier’s Systems. All of the Supplier’s Systems are fully managed by Google Inc. (Google), who is responsible for the physical and networking security of the Supplier’s Systems. Google’s security measures regarding the G Suite and GCP infrastructures are described on this page (G Suite) xxxxx://xxxxxx.xxxxxx.xxx/security/?secure-by-design_activeEl=data-centers and this page (Google Cloud Platform): xxxxx://xxxxx.xxxxxx.xxx/security/
Infrastructure Security. The web servers as entry points for the entire system are completely independent systems to the database server. They run on the latest stable Debian version, access is only possible through SSH via key authentication. For the CCH, we use an NGINX, configured as a reverse proxy, listening on port 3000 (SSL on). The NGINX proxies all connect to a "Thin Webserver" which is used as an API server. It is not reachable from the Internet itself, because it did not bind any TCP sockets by itself. All other servers (Database and Filestore- Server) are in a virtual network. They are only accessible through the API-providing web server, with a valid API key, and for system administration purpose through SSH via key authentication only. As we are running two different database models (REDIS in combination with a XXXXXXXXX cluster) we have two different data backup strategies. As the REDIS database is only used for real-time time data, real-time analytics and real-time communication, and only keeps rapidly changing data with a foreseeable database size, we don’t backup the data here. To store data via a longer timeframe and to archive data, we use a Xxxxxxxxx Cluster with several nodes. The big advantage of Xxxxxxxxx is that is brings its own backup utilities and restore process. The server nodes are spread over multiple data centres and sites and the data is replicated between these nodes. Data restoration and recovery is usually needed only in cases where all replications of a data set are lost, or corrupted data is written to the database. For this worst-case scenario, we backup one node additionally via Bacula [1] on a separate node. All servers of the central infrastructure are operated by ECO / DE-CIX and are running in a secured and ISO-27001-certified Data-Centre. The data centre has an electronic access control system, with a 24/7 camera monitoring of entrances and server rooms secure the servers against unauthorized physical access. Remote access is only possible via a SSH with Key Authentication and a VPN-connection only, which is even limited to a very few system administrators, with user rights and the possibility to get "root"-access via "sudo". The default root login is disabled by default. The following are the characteristics of the CCH servers and the security mechanisms put in place: API Server xxxxxxxxx.000.xxx.xxxxxxxxxxxxxxxx.xxx Open Ports HTTPS via port 3000 and 8080 Security mechanisms There is no FTP and no direct SSH access to this server. Ac...
Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!