Logical Security. The Vendor shall notify TSP immediately if any Contract Personnel no longer require Access or change role for any reason whatsoever thus enabling TSP to disable or modify the Access rights. The Vendor shall maintain systems which detect and record any attempted damage, amendment or unauthorised access to TSP Information. The Vendor shall, implement agreed as well as generally prevalent security measures across all supplied components and materials including software & Data to ensure safeguard and confidentiality, availability and integrity of TSP Systems and TSP Information. The Vendor shall provide TSP with full documentation in relation to the implementation of logical security in relation to Purpose and shall ensure that it and such security: prevents unauthorised individuals e.g. hackers from gaining Access to TSP Systems; and reduces the risk of misuse of TSP Systems or TSP information, which could potentially cause loss of revenue or service (and its Quality) or reputation, breach of security by those individuals who are Authorised to Access it; and detects any security breaches that do occur enabling quick rectification of any problems that result and identification of the individuals who obtained Access and determination of how they obtained it.
Logical Security. All hard drives of TEHTRIS Appliances at the Customer's premises or in the TEHTRIS datacenter (which are used in servers) are encrypted via FDE (Full Disk Encryption) with keys that are stored off-site in a restricted, protected and encrypted area. All hard drives on TEHTRIS workstations (which are used to remotely administer the TEHTRIS Service) are encrypted via FDE. Workstations with elevated privileges are physically protected and inaccessible outside of business hours. All system authentications are performed by using a crypto-processor in a French branded smart card, with a PIN code typed on an external French branded reader, and/or by an ANSSI certified external key. All operating systems used in TEHTRIS Appliances at the Customer site or in the TEHTRIS datacenter are protected by secure Linux kernels, modified and compiled by TEHTRIS, with the use of advanced security technologies, including for example: RBAC integration in the kernel with role assignment and security policies for all processes; technologies against overflow attacks; special protections against data leakage into memory Applications hosted in TEHTRIS Appliances at the Customer's premises or in the TEHTRIS datacenter, built by TEHTRIS in order to provide the TEHTRIS Service, may use technologies such as obfuscation, encryption and anti-reverse engineering, in order to limit and slow down attempts to recover functionality. All communications related to the TEHTRIS Service are encrypted between TEHTRIS workstations and the TEHTRIS datacenter. All communications between TEHTRIS Appliances are encrypted including in the TEHTRIS datacenter. All communications between TEHTRIS employees regarding the Agreement are encrypted (email, instant messaging). TEHTRIS' internal network access security contains scalable modules to combat physical and logical intrusion threats, for example: authentication on the network with 802.1X; technologies against network attacks, such as DHCP attacks, ARP spoofing attacks, IP spoofing attacks, etc.; partitioning of activities with network zoning to separate Users and respect watertightness notions; presence of two separate firewalls between the Internet network and the Internet operator's network; TEHTRIS' employees can access the network through the Internet. TEHTRIS employees have no incoming access to the TEHTRIS internal network from a distance, as the latter behaves like a diode with respect to the Internet. Access to the TEHTRIS datacenter infrastructure ...
Logical Security. The Application and the data it supports are protected by a redundant set of firewalls, which cover all access points from the connected public networks. Internet security policies are in place to enforce maintenance plans and regular security reviews.
Logical Security. Elecosoft data centre providers apply anti-virus, anti-malware, anti-phishing, and anti-ransomware protection by enforcing real-time scanning, enhanced rootkit detection, PUA detection, core system protection, malicious website, identity protection and local firewall protection. This is further complemented by the following security methods, as a minimum:
Logical Security. Supplier shall follow industry best practices and take the additional precautions below with respect to the logical security of Secure Information in its possession.
i. As applicable, Supplier shall ensure any Information Technology System automatically locks or logs out when left unattended.
ii. Information Technology Systems shall be segregated as necessary and protected by a physical firewall with all ports blocked except those needed for specific Supplier applications, and Supplier shall take such other measures as are reasonable in light of the Secure Information to which it has access. Such additional measures may include, and Syntax, in its sole discretion, may require: virus and malware scanning, intrusion detection and prevention technologies, managed secure patching practices, third party vulnerability testing, and virtual private networking or multi-factor authentication schemes.
iii. Information Technology Systems must be protected by and may only be accessed using Strong Authentication systems.
iv. Supplier shall encrypt Secure Information stored on any Information Technology System using Strong Encryption methods. If Supplier transfers any Secure Information via the internet or any untrusted network, it shall encrypt the Secure Information using Strong Encryption methods while in transit.
v. Supplier shall use cryptographic and hashing algorithm types, strength, and key management processes consistent with industry best practices.
vi. Supplier shall centrally manage access to any Information Technology System and implement an appropriate set of procedures for authorizing logical access to Secure Information that ensures access is appropriate according to the business function of Supplier personnel.
vii. As applicable, access to Information Technology Systems must be monitored, recorded, and controlled to a reasonable standard.
Logical Security. In addition, privileged and non-privileged access to systems and network devices are based upon a documented, approved request. Only authorised users can request logical access to the Data Exporter's environments. A periodic verification is performed in accordance with instructions to determine that the owner of a user ID is still employed and assigned to provide services for the entity issuing the user ID in the service delivery centre. Exceptions identified during the verification process are remediated. An annual business need revalidation is performed to determine that access is commensurate with the user’s job function. Exceptions identified during the revalidation process are remediated. User access to the Data Importer's internal network infrastructure is revoked within 24 hours of termination of employment.
Logical Security. Logical security consists primarily of technical measures. A few common logical security measures apply to networking infrastructure, servers, and workstations. These measures include access controls (more details in individual sections below) and technical measures to address propagation or execution of unapproved code (e.g., viruses and other malware). Updates are done automatically wherever possible (such as workstation antivirus updates) or periodically on a prescribed, prioritized schedule. Examples of logical security include: • Periodic vulnerability scans and penetration testing. • Patch management is required to be done on a timely basis, based on a classification scheme of systems and the severity level of the patch, and sometimes even based on the operating system type or release. • Technical controls to prevent denial of service attacks (primarily applicable to network infrastructure and servers). • Creation and capture, if the device is capable, of activity logging records (network infrastructure and servers) that can be accessed for audit and by “suspicious activity” monitoring tools. The length of time such log records must be kept is determined by IBM Worldwide Records Management (WRM), which categorizes and details retention requirements. A list of suspicious activities to be monitored is maintained by CIO. • Requirement to follow specific security measures for remote access to IBM internal systems from outside the logical firewall, including a mandatory VPN client. All such access is encrypted. (Applicable to workstation and mobile devices); • Requirement that devices are to be cataloged in a database used for control and audit purposes. • Requirement to use static IP addresses (DHCP/DDNS are generally not permitted, except in some approved and documented cases for servers, and for workstations generally). All static IP addresses are recorded in a secure database; • IBM requires an acceptable use policy be readily available to users and represented each time conditions change, asking confirmation that the user has read and understood the terms for the data that may be stored or processed there; • Requirement to use specific CIO guidelines to build operating system images (workstations or servers); and • Requirement to undergo security health checks as part of a broader independent audit process. Where permitted by law, Security Technical Testing (STT) is performed by teams of individuals with highly specialized skills who are allowed to u...
Logical Security. Supplier agrees to safeguard the Property from loss, theft or inadvertent disclosure and, therefore, agrees as appropriate to: • Access to data should be on a need-to-know basis and only permitted via the customer. • Staff are aware of basic Information Security requirements within their organisation and those stipulated by their 3rd parties. • Dependent on the size of the organisation, one or more firewalls should be installed on the boundary of the organisation’s internal network(s). • Each authorised user should authenticate using a unique username and strong password. The login credentials should be managed effectively and provide the minimum level of access to applications, computers, and networks. • Computers should be protected with a malware protection software. • Software running on computers and network devices should be kept up-to-date and have the latest security patches installed. • The organisation should implement Endpoint Detection and Response tools to monitor and alert malicious activity. • Backup copies of information, software and system images should be taken and tested regularly in accordance with your backup policy. • Are aware of basic Information Security requirements in protecting the working environment, computer assets, mobile devices, and confidential data from creation to disposal. Amazon Web Services EMEA SARL, R.C.S. Luxembourg: B186284 38 Avenue Xxxx X. Xxxxxxx L-1855 Luxembourg Ireland Cloud based storage of data Oderland 556680-8746 556680-8746 Sweden Web hotel Applicable module(s) of the Model Cluses: Module 2 Clause 7 Each Party shall have the right to use the docking clause subject to section 11 of this Data Processing Agreement.
Logical Security. The Contractor shall establish, using National Institute Standards and Technology (NIST) Special Publications as a guide, secure logical and physical infrastructures for Information Systems (IS) environments including, but not limited to, security plans, risk assessments, access controls, directory services, compliance monitoring, firewalls, intrusion detection/scanning systems, anti-virus tools, privacy data assessment, and PII and other data protection policies. This function includes providing details for security awareness training, personnel security, policy enforcement, incident handling procedures, and separation of duties within an organization. In addition, the Contractor shall recommend and implement current best practices for the widest range of operating systems, database, networks, and application security, taking current best practices, industry standards, and Government regulations and policies into account.
Logical Security. The computer or device used for Remote Deposit Capture is using a supported operating A firewall is installed on the merchant's server; or Windows firewall is enabled if using If wireless networks are deployed, ensure wired equivalent privacy (WEP) is enabled,
