Physical and Environment Security Sample Clauses
POPULAR SAMPLE Copied 1 times
Physical and Environment Security a. Medallia products and customer data are hosted at providers who have demonstrated compliance with one or more of the following standards (or a reasonable equivalent): International Organization for Standardization (“ISO”) 27001 and/or American Institute of Certified Public Accountants (“AICPA”) Service Organization Controls (“SOC”) Reports for Services Organizations. These providers provide Internet connectivity, physical security, power, and environmental systems and services for the Medallia cloud platform used for the Products.
b. An N-tiered architecture is used to support presentation, application, processing, and data services. For enhanced security in the Medallia cloud platform, technologies such as firewalls, intrusion detection and prevention, and vulnerability management are used.
Physical and Environment Security. Entrust facilities hosting technology information assets are equipped with appropriate controls to restrict physical access to the facility. Physical entry controls include a means to identify personnel and visitors, and ensure the individual is authorized to access the secured area prior to entry. All entry to secured areas are logged and logs are reviewed periodically. Personnel are informed of, and subject to, the guidelines established for working within secured areas. Access points such as delivery or loading areas, and other points where unauthorized persons may enter the facility, are controlled to restrict further entry, and, to the extent it is practical, isolated from information processing areas. Physical security measures include the capability to monitor company facilities to detect unauthorized or unlawful use. Entrust has a physical security plan that incorporates a defined procedure to report suspicious activity, identified security weaknesses, or potential security events, as well as an escalation procedure to communicate events to local law enforcement as appropriate. Facility staff and visitors are informed regarding these physical security procedures and their responsibility to report security events. Information to be transferred shall at all times be properly secured, in accordance with its classification, regardless of the media employed to carry the information or the transmission mechanism. All information to be transferred shall be subject to inspection for malicious software code and other potential hazards to confidentiality, integrity or availability. When the use of encryption is required for safekeeping, such use shall be subject to all applicable security controls as well as legal or regulatory requirements. Information to be transferred shall be subject to established retention and disposal requirements. Information transfer facilities shall comply with all applicable laws and regulations. Information and software shall not be transferred with external parties until all relevant contractual and security requirements are satisfied, including formal written agreements where required.
Physical and Environment Security. 7.1. Physical access to Agent’s on-site data centers will be strictly controlled by proximity card access groups that are limited to the operations staff who require access to perform their contracted roles.
7.2. Agent’s on-site data centers will have strict controls to protect against environmental threats such as over-heating, flooding, fire, dust and chemical pollutants.
7.3. Agent’s on-site data centers will have dual power feeds. monitored Uninterruptible Power Supply (UPS) systems. back-up generators with on-site fuel store. redundant air conditioning systems, and a dual-path telecommunications infrastructure for critical communications systems.
7.4. Confidential Information will be securely erased using industry-standard data deletion utilities. physically destroyed. or returned to Clients. subject to the terms and conditions of the Agreement.
Physical and Environment Security. Entrust Datacard facilities hosting technology information assets are equipped with appropriate controls to restrict physical access to the facility. Physical entry controls include a means to identify personnel and visitors, and ensure the individual is authorized to access the secured area prior to entry. All entry to secured areas are logged and logs reviewed periodically. Personnel are informed of, and subject to, the guidelines established for working within secured areas. Access points such as delivery or loading areas, and other points where unauthorized persons may enter the facility, are controlled to restrict further entry, and, to the extent it is practical, isolated from information processing areas. Physical security measures include the capability to monitor company facilities to detect unauthorized or unlawful use. Entrust Datacard has a physical security plan that incorporates a defined procedure to report suspicious activity, identified security weaknesses, or potential security events, as well as an escalation procedure to communicate events to local law enforcement as appropriate. Facility staff and visitors are informed regarding these physical security procedures and their responsibility to report security events.
Physical and Environment Security. 7.1 Leading Resolutions shall ensure that physical controls are in place to restrict access to authorised individuals surrounding its premises and data centre environments that support the Supplier Systems.