Infrastructure Security Personnel. Google has, and maintains, a security policy for its personnel, and requires security training as part of the training package for its personnel. Google’s infrastructure security personnel are responsible for the ongoing monitoring of Google’s security infrastructure, the review of the Services, and responding to security incidents. Access Control and Privilege Management. Customer’s Administrators and End Users must authenticate themselves via a central authentication system or via a single sign on system in order to use the Services. Internal Data Access Processes and Policies – Access Policy. Google’s internal data access processes and policies are designed to prevent unauthorized persons and/or systems from gaining access to systems used to process personal data. Google designs its systems to: (i) only allow authorized persons to access data they are authorized to access; and (ii) ensure that personal data cannot be read, copied, altered or removed without authorization during processing, use and after recording. The systems are designed to detect any inappropriate access. Google employs a centralized access management system to control personnel access to production servers, and only provides access to a limited number of authorized personnel. Google’s authentication and authorization systems utilize SSH certificates and security keys, and are designed to provide Google with secure and flexible access mechanisms.
Appears in 1 contract
Samples: Data Processing Amendment
Infrastructure Security Personnel. Google has, and maintains, a security policy for its personnel, and requires security training as part of the training package for its personnel. Google’s infrastructure security personnel are responsible for the ongoing monitoring of Google’s security infrastructure, the review of the Services, and responding to security incidents. Access Control and Privilege Management. Customer’s Administrators and End Users must authenticate themselves via a central authentication system or via a single sign on system in order to use the Services. Internal Data Access Processes and Policies – Access PolicyPolicy . Google’s internal data access processes and policies are designed to prevent unauthorized persons and/or systems from gaining access to systems used to process personal data. Google designs its systems to: (i) only allow authorized persons to access data they are authorized to access; and (ii) ensure that personal data cannot be read, copied, altered or removed without authorization during processing, use and after recording. The systems are designed to detect any inappropriate access. Google employs a centralized access management system to control personnel access to production servers, and only provides access to a limited number of authorized personnel. Google’s authentication and authorization systems utilize SSH certificates and security keys, and are designed to provide Google with secure and flexible access mechanisms.. These mechanisms are designed to grant only approved access rights to site hosts, logs, data and configuration information. Google requires the use of unique user IDs, strong passwords, two factor authentication and carefully monitored access lists to
Appears in 1 contract
Samples: Data Processing Amendment
Infrastructure Security Personnel. Google has, and maintains, a security policy for its personnel, and requires security training as part of the training package for its personnel. Google’s infrastructure security personnel are responsible for the ongoing monitoring of Google’s security infrastructure, the review of the Processor Services, and responding to security incidents. Access Control and Privilege Management. Customer’s Administrators 's administrators and End Users users must authenticate themselves via a central authentication system or via a single sign on system in order to use the Processor Services. Internal Data Access Processes and Policies – Access Policy. Google’s internal data access processes and policies are designed to prevent unauthorized unauthorised persons and/or systems from gaining access to systems used to process personal data. Google designs aims to design its systems to: (i) only allow authorized authorised persons to access data they are authorized authorised to access; and (ii) ensure that personal data cannot be read, copied, altered or removed without authorization authorisation during processing, use and after recording. The systems are designed to detect any inappropriate access. Google employs a centralized centralised access management system to control personnel access to production servers, and only provides access to a limited number of authorized authorised personnel. Google’s authentication LDAP, Kerberos and authorization systems utilize a proprietary system utilising SSH certificates and security keys, and are designed to provide Google with secure and flexible access mechanisms.access
Appears in 1 contract
Samples: Data Processing Agreement
Infrastructure Security Personnel. Google has, and maintains, a security policy for its personnel, and requires security training as part of the training package for its personnel. Google’s infrastructure security personnel are responsible for the ongoing monitoring of Google’s security infrastructure, the review of the Processor Services, and responding to security incidents. Access Control and Privilege Management. Customer’s Administrators 's administrators and End Users users must authenticate themselves via a central authentication system or via a single sign on system in order to use the Processor Services. Internal Data Access Processes and Policies – Access Policy. Google’s internal data access processes and policies are designed to prevent unauthorized unauthorised persons and/or systems from gaining access to systems used to process personal data. Google designs aims to design its systems to: (i) only allow authorized authorised persons to access data they are authorized authorised to access; and (ii) ensure that personal data cannot be read, copied, altered or removed without authorization authorisation during processing, use and after recording. The systems are designed to detect any inappropriate access. Google employs a centralized centralised access management system to control personnel access to production servers, and only provides access to a limited number of authorized authorised personnel. Google’s authentication LDAP, Kerberos and authorization systems utilize a proprietary system utilising SSH certificates and security keys, and are designed to provide Google with secure and flexible access mechanisms.. These mechanisms are designed to grant only approved
Appears in 1 contract
Samples: Data Processing Agreement
Infrastructure Security Personnel. Google has, and maintains, a security policy for its personnel, and requires security training as part of the training package for its personnel. Google’s infrastructure security personnel are responsible for the ongoing monitoring of Google’s security infrastructure, the review of the Services, and responding to security incidents. Access Control and Privilege Management. Customer’s Administrators and End Users must authenticate themselves via a central authentication system or via a single sign on system in order to use the Services. Internal Data Access Processes and Policies – Access Policy. Google’s internal data access processes and policies are designed to prevent unauthorized persons and/or systems from gaining access to systems used to process personal data. Google designs its systems to: (i) only allow authorized persons to access data they are authorized to access; and (ii) ensure that personal data cannot be read, copied, altered or removed without authorization during processing, use and after recording. The systems are designed to detect any inappropriate access. Google employs a centralized access management system to control personnel access to production servers, and only provides access to a limited number of authorized personnel. Google’s authentication and authorization systems utilize SSH certificates and security keys, and are designed to provide Google with secure and flexible access mechanisms.. These mechanisms are
Appears in 1 contract
Samples: Data Processing Amendment
Infrastructure Security Personnel. Google has, and maintains, a security policy for its personnel, and requires security training as part of the training package for its personnel. Google’s infrastructure security personnel are responsible for the ongoing monitoring of Google’s security infrastructure, the review of the Services, and responding to security incidents. Access Control and Privilege Management. CustomerPartner’s Administrators and End Users administrators must authenticate themselves via a central authentication system or via a single sign on system in order to use administer the Services. Internal Data Access Processes and Policies – Access Policy. Google’s internal data access processes and policies are designed to prevent unauthorized persons and/or systems from gaining access to systems used to process personal data. Google designs its systems to: to (i) only allow authorized persons to access data they are authorized to access; and (ii) ensure that personal data cannot be read, copied, altered or removed without authorization during processing, use and after recording. The systems are designed to detect any inappropriate access. Google employs a centralized access management system to control personnel access to production servers, and only provides access to a limited number of authorized personnel. Google’s authentication LDAP, Kerberos and authorization systems utilize SSH certificates and security keys, and a proprietary system utilizing RSA keys are designed to provide Google with secure and flexible access mechanisms.. These mechanisms are designed to grant only approved access rights to site hosts, logs, data and configuration information. Google requires the use of unique
Appears in 1 contract
Samples: Data Processing Agreement
