Logical Security Administration Sample Clauses
The Logical Security Administration clause defines the responsibilities and procedures for managing access to digital systems and data within an organization. It typically outlines how user accounts are created, modified, and deactivated, and specifies controls such as password policies, access reviews, and role-based permissions. By establishing clear rules for who can access what information and how that access is managed, this clause helps prevent unauthorized access and ensures the integrity and confidentiality of sensitive data.
Logical Security Administration. Service Provider’s responsibilities include:
1. Establish and maintain mechanisms to safeguard against the unauthorized access, destruction, loss, or alteration of DIR and DIR Customers’ data. Service Provider will implement safeguards that are no less rigorous than the practices performed by DIR and DIR Customers as of the Commencement Date.
2. Manage and administer access to Service Provider-operated systems, networks, Software, and DIR and DIR Customers data, to include the following:
2.1. Upon request provide DIR IT Security full administrative rights related to systems regarding the Services, including full access to audit trails and logs.
2.2. DIR and DIR Customers will retain authority for approval of all data and system access requirements.
2.3. DIR and DIR Customers will notify Service Provider regarding the entities and personnel to be granted access to Service Provider-operated systems and the level of security access granted to each.
2.4. Follow DIR’s and DIR Customers’ instructions and the procedures regarding such access as designated by DIR or DIR Customers.
2.5. Ensure that the comprehensive database of security clearances and access rights is maintained and tracking all the logical access rights of Service Provider personnel to systems associated with providing the Services.
3. Review all documented information security procedures with DIR pertaining to Service Provider-operated systems.
4. Comply with DIR policies on privacy protection and protective security for data, including security, data and records management, and electronic records and data archiving.
5. Conform to the requirements in accordance with government guidelines and DIR and DIR Customer security policies.
6. Assist in the development, testing and utilization of an action plan and escalation procedures for any potential or real security breaches and report any potential or real security breaches to DIR or DIR Customers per the plan.
7. Monitor users of the systems and Services for authorized access, and monitor, review, and respond and appropriate manner to access violations within designated timeframes.
8. Document and identify security risks associated with the Services, and in support of Risk Management.
9. Notify DIR and DIR Customer in the event of a security violation or unauthorized attempt to access or alter DIR or DIR Customer data, where the notification and escalation is made according to security policy guidelines and procedures.
10. Conduct semi-annual review...
Logical Security Administration. (a) Supplier’s logical security administration responsibilities include:
(b) Compliance with Gap Policies and Procedures, as they may be revised or updated from time to time during the Term of the Agreement.
(c) Working in conjunction with Gap security to support, establish and maintain safeguards against the unauthorized access, destruction, loss or alteration of Gap assets, data, and information under the control of Supplier.
(d) Comply with all Gap documented information security procedures pertaining to Supplier-operated systems and developing, maintaining, updating and implementing security procedures for Supplier-operated systems with Gap’s Approval, including physical access strategies, procedures and standards. Supplier shall follow the requirements of the Gap security hardening standards. Exhibit A.4 Gap Confidential and Proprietary Information Second Amended Master Services Agreement
(e) Utilize Gap provided action plan and escalation procedures for any potential or detected electronic or physical security breaches and reporting any detected security breaches to Gap per the action plan.
(f) In conjunction with Gap security, respond to security incidents by assisting with the following:
(1) Collect local device and system logs, where available, deliver to security as needed.
(2) Assisting with periodic reviews, as appropriate and in accordance with the Gap process to validate that access to programs and data maintained on Supplier-operated systems is appropriate and that the use thereof is consistent with the scope of such employee’s access authority.
(3) Upon identification, immediately notify Gap (including appropriate Gap security personnel) in the event of a security violation or unauthorized attempt to access or alter Gap’s assets, systems, information, or data.
(4) Assist in reviews as required by the Gap process to validate that access and levels to programs and data is authorized.
(5) Support with security audits, providing Incident investigation support where possible, and implementing corrective actions to minimize and prevent security breaches as directed and Approved by Gap. Where applicable, Supplier will report observed security violations to Gap.
(g) Supplier shall be responsible for ensuring all remote access connections are authorized by Gap Security, and follow requirements identified in the hardening standards.
(h) Supplier shall be responsible for ensuring all Supplier user access requests are approved by an authorized approver...
Logical Security Administration. Supplier will provide logical security administration Services to Maintain authorized access to information technology data. Supplier’s responsibilities for logical security administration include the tasks, subtasks, and Deliverables set forth in Table 31 (Logical Security Administration Requirements) below.
Logical Security Administration. It is the policy of ALICOMP Operations to retain the identity and integrity at the application level for every customer. This concept of functional separation of data files, program libraries, catalogs, and computer resources is implemented by various data security and access control software products. These systems restrict access to UAFC's information to only those individuals who are authorized and serve to protect UAFC's valuable data from unauthorized destruction, modification, or ID disclosure. ALICOMP supports a variety of access control products which provide data security for all users by requiring a logon ID and password at system logon time. Passwords are required to be changed AGREEMENT NO. 060100 - continued periodically to ensure access control integrity. Although primary responsibility for systems security will remain with UAFC, ALICOMP will provide all required support in connection with security administration.
Logical Security Administration. Supplier’s logical security administration responsibilities include:
(a) Compliance with Gap Policies and Procedures, as they may be revised or updated from time to time during the Term of the Agreement.
(b) Working in conjunction with Gap security, establish and maintain safeguards against the unauthorized access, destruction, loss or alteration of Gap assets, data, and information under the control of Supplier. Supplier shall implement safeguards in compliance with the Procedures Manual and the Service Levels set forth in Exhibit B (Service Level Agreement) of the Agreement.
(c) Reviewing with Gap all documented information security procedures pertaining to Supplier-operated systems and developing, maintaining, updating and implementing security procedures for Supplier-operated systems with Gap’s Approval, including physical access strategies, procedures and standards. Such approval shall not be unreasonably withheld. Supplier shall follow the requirements of the GSD331 version 2.0 dated March 2, 2009 (Attachment A.2.1 to Exhibit A.2). * from the Effective Date, Gap will have * to review the GSD to confirm that all needed controls are identified in the GSD and that all such controls are effective. Gap will base its review on the Gap IT Security Policies in place as of March 2, 2009, as reflected in the GSD331 version 2.0. Should Gap determine that the GSD does not contain needed controls or that the controls as designed are ineffective, Gap will notify Supplier identifying the impacted controls or areas needing additional controls. Upon receipt of such notification from Gap, Gap and Supplier will have * to agree on the changes needed to meet Gap’s Security Policies. Should the parties fail to agree within this * period, this matter will be resolved through the process specified in Section 31 (“Internal Dispute Resolution”) of the Agreement.
(d) Assisting in the development, Documentation and utilization of an action plan and escalation procedures for any potential or detected electronic or physical security breaches and reporting any detected security breaches to Gap per the action plan.
(e) In conjunction with Gap security, monitoring the systems and Services for authorized access, including:
(1) Using *, monitoring, reviewing and responding in a timely and appropriate manner to violations of internal and external physical or electronic access as identified in the Procedures Manual. * Certain information on this page has been omitted and filed separatel...