Physical Access Control. Unauthorized persons are prevented from gaining physical access to premises, buildings or rooms where data processing systems that process and/or use Personal Data are located.
Physical Access Control. SAP protects its assets and facilities using the appropriate means based on the SAP Security Policy • In general, buildings are secured through access control systems (e.g., smart card access system). • As a minimum requirement, the outermost entrance points of the building must be fitted with a certified key system including modern, active key management. • Depending on the security classification, buildings, individual areas and surrounding premises may be further protected by additional measures. These include specific access profiles, video surveillance, intruder alarm systems and biometric access control systems. • Access rights are granted to authorized persons on an individual basis according to the System and Data Access Control measures (see Section 1.2 and 1.3 below). This also applies to visitor access. Guests and visitors to SAP buildings must register their names at reception and must be accompanied by authorized SAP personnel. • SAP employees and external personnel must wear their ID cards at all SAP locations. • All Data Centers adhere to strict security procedures enforced by guards, surveillance cameras, motion detectors, access control mechanisms and other measures to prevent equipment and Data Center facilities from being compromised. Only authorized representatives have access to systems and infrastructure within the Data Center facilities. To protect proper functionality, physical security equipment (e.g., motion sensors, cameras, etc.) undergo maintenance on a regular basis. • SAP and all third-party Data Center providers log the names and times of authorized personnel entering SAP’s private areas within the Data Centers.
Physical Access Control. UKG shall ensure that its data center sub-processor uses industry standard technology to ensure that only the appropriately authorized staff have access to those systems of UKG that are used to provide the Services. This shall include at least the following measures: visitor sign-ins, role-based access controls, limited access to the server rooms and to the alarm systems which report any unauthorized access.
Physical Access Control. The following measures as implemented are designed to protect against unauthorized physical access to premises, buildings or rooms where data processing systems are located which process and/or use Personal Data:
a) Physical components of the data center facilities, servers, networking equipment, and host software are housed in nondescript facilities.
b) Physical barrier controls are used to prevent unauthorized entrance to these facilities both at the perimeter (e.g., fencing, walls) and at building access points.
c) Physical access points to server locations are managed by electronic access control devices and are secured with intrusion detection devices that sound alarms if the door is forced open or held open.
d) Establishing access authorizations for employees and third parties, including the respective documentation.
e) All visitors are required to present identification and are signed in.
f) Use of video cameras (CCTV) to monitor individual physical access to data center facilities.
g) Data centers utilize security guards 24x7, who are stationed in and around the building.
Physical Access Control. Measures suitable for preventing unauthorized persons from gaining access to data processing systems with which personal data are processed or used.
Physical Access Control. (i) Physical Protection of the Data Centers. Physical access to data centers is strictly controlled by the data center provider (“DC Provider”) both at the perimeter and at building ingress points by security staff. The DC Provider only provides data center access and information to employees and contractors who have a legitimate business need for such privileges. When an employee or contractor no longer has a business need for these privileges, his or her access is immediately revoked, even if he or she continues to be an employee or contractor of the DC Provider. All physical access to data centers is logged and audited routinely.
Physical Access Control. The software is hosted in data centers operated by Hetzner Online GmbH in Germany. The technical and organizational measures taken in the data centers of the subcontracted processor Hetzner Online GmbH are described in detail here: xxxxx://xxx.xxxxxxx.xxx/AV/XXX.pdf
Physical Access Control. Unauthorized persons are prevented from gaining physical access to premises, buildings or rooms where data processing systems that process and/or use Personal Data are located. 물리적 액세스 제어. 승인되지 않은 사람이 개인 정보를 처리하거나 사용하는 정보 처리 시스템이 위치해 있는 사업장, 건물, 실내에 대한 물리적 액세스를 확보하는 것을 방지합니다.
Physical Access Control. Physical access to the main entrance of the HWD building as well as to all side entrances is restricted by a fence. The doors and gates of the fenced area are closed by default and can only be opened by HWD staff on site with transponders. Additionally, the main gate and the main entrance of the fenced area can be opened by HWD Network Operation Center (NOC) staff via doorbell and connected manual opening function. All access paths to the building entrances of HWD are protected by video surveillance. The NOC staff have a 24/7 live visual display of all camera footage on screens in the NOC dedicated to that purpose. Access ways to the building are by default closed and can only be opened from the outside with secu- rity keys. Building access is monitored around the clock by qualified staff on the central reception desk/ NOC, and each staff, customer, or supplier has to register at the central reception desk. Upon regis- tering, visitors receive a visitor pass, which must be returned upon leaving the building. Visitors are instructed about the house rules upon visiting. Visitors have to either have the authorization to register themselves, or otherwise be authorized by persons with the appropriate authorization level to authorize others for registration. The identity of visitors has to be confirmed with a valid photo identification card. Visitors are personally escorted by staff into the building from the reception area. Organizational proce- dures and rules ensure that strangers should never stay or move within the building unattended. Access to the data center footprint is protected by an access control system and unaccompanied ac- cess only possible for HWD staff. For the data center “Am Mittelfelde 29” this access control has been implemented with 2-factor-authentication. Access is logged. Access logs and video footage is checked daily by HWD staff. Outside business hours the premises are controlled by an alarm system according to VDE standard. System alerts are monitored by a security service, and a documented intervention plan is followed. Ad- ditionally, all technical premises, access paths, as well as the perimeter defense, are video surveilled. Notably, all data center footprint is video surveilled, which is additionally supported by motion sensors.
Physical Access Control. Netigate has card-based personalised access control systems in place with access authorization for authorised employees only (in Frankfurt, Osloand Stockholm). • Visitor regulations. Visitors are registered in a visitor’s book and are always accompanied by an employee.
