Physical Security Controls. Vendor must document and maintain adequate:
a) Physical security controls over all vendor facilities where AXP Data is filed or stored. * .
c) Security and environmental controls over * , which will be used in conjunction with AXP Data, including restricting access to only approved staff.
Physical Security Controls. RevComm monitors the entry and exit of employees, restricts equipment, etc. brought into areas where Personal Data is processed, and prevents unauthorized persons from browsing Personal Data. RevComm takes actions to prevent the theft or loss, etc. of equipment holding Personal Data, electronic media and documents, etc. and implements measures to avoid Personal Data from being easily found when carrying such equipment or electronic media, etc., including moving within an office.
Physical Security Controls. The Cloud Provider provides the physical security of Data Centres as a managed service. The Cloud Provider is compliant with requirements like ISO 27001, SOC 1, SOC 2, which are the basis for akirolabs to rely on the security controls offered by the Cloud Provider. akirolabs uses the Cloud Provider reports to draw assurance over Cloud Provider controls and for evaluating any risks from the Cloud Provider to akirolabs Services to its customers. Additionally, akirolabs has appropriate physical security controls in its offices.
Physical Security Controls. Vendor must document and maintain adequate:
a) Physical security controls over all vendor facilities where AXP Data is filed or stored. Examples include appropriate alarm systems, access controls (including off-hours controls), visitor access procedures, security guard force, fire suppression, video surveillance, and staff egress searches, as appropriate under applicable law.
b) Trash disposal programs that provide for the secure disposal of sensitive trash at all vendor facilities where AXP Data is filed or stored. Sensitive trash is defined as any discarded material that contains AXP Data.
c) Security and environmental controls over all computer rooms, voice rooms and related equipment (UPS, climate control, etc.), which will be used in conjunction with AXP Data, including restricting access to only approved staff.
Physical Security Controls. In connection with any Facilities, Provider shall. CONFIDENTIAL TREATMENT HAS BEEN REQUESTED FOR PORTIONS OF THIS EXHIBIT. THE COPY FILED HEREWITH OMITS THE INFORMATION SUBJECT TO A CONFIDENTIALITY REQUEST. OMISSIONS ARE DESIGNATED [ * * * ]. A COMPLETE VERSION OF THIS EXHIBIT HAS BEEN FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION.
(i) [ * * * ]
(ii) [ * * * ]
(iii) [ * * * ]
(iv) [ * * * ]
(v) [ * * * ]
(vi) [ * * * ]
(vii) [ * * * ]
Physical Security Controls a. Independent Contractor shall restrict access to environments that store, transmit or process BCBSM Data to those Employees that have a business need to access such Data.
b. Independent Contractor shall implement and regularly test the following security measures in each area containing BCBSM Data: (i) physical access control, (ii) physical security presence and (iii) security management monitoring.
c. Upon BCBSM’s request, Independent Contractor shall provide complete and auditable records of Employees who had access to BCBSM Data, including at a minimum, their identity and date and time of access.
Physical Security Controls. Sirion has implemented information security controls around the physical security of its offices. A customer’s data is stored on the Sirion platform which is hosted in Third Party Cloud Service Providers (CSPs) like, AWS, Azure, etc. As part of their shared responsibility, these CSPs provide physical security of data centers as a managed service to Sirion. Sirion relies on the security controls of these CSPs that are complaint with the ISO 27001, SOC 1, SOC 2 requirements. Sirion uses the CSP’s reports to draws assurance over CSP controls and for evaluating any risks from CSPs to Sirion services to its customers. Sirion uses a Web Application Firewall (WAF) to protect against common web exploits that may affect availability and compromise security. AWS Security Groups (Firewall), Network Intrusion Detection Systems (NIDS), Denial of Service (DoS) Protection, are also implemented to control all inbound and outbound traffic while ensuring network security. The Security Groups restrict traffic by protocol, service port and IP address.
Physical Security Controls. Contractor shall safeguard County PHI and/or County PII/PI from loss, theft, inadvertent disclosure, and therefore shall:
14.3.2.1 Ensure County PHI and/or County PII/PI is used and stored in an area that is physically safe from access by unauthorized persons during both working hours and nonworking hours;
14.3.2.2 Secure all areas of Contractor facilities where Contractor workers use or disclose County PHI and/or County PII/PI. The Contractor shall ensure that these secured areas are only accessed by authorized individuals with properly coded key cards, authorized door keys or other access authorization, and access to premises is by official identification;
14.3.2.3 Issue workers who assist in the administration of County PHI and/or County PII/PI identification badges and require workers to wear badges at facilities where County PHI and/or County PII/PI is stored or used;
14.3.2.4 Ensure each location where County PHI and/or County PII/PI is used or stored has procedures and controls that ensure an individual whose access to the facility is terminated:
14.3.2.4.1 Is promptly escorted from the facility by an authorized employee; and
14.3.2.4.2 Immediately has their access revoked to any and all County PHI and/or County PII/PI.
14.3.2.5 Ensure there are security guards or a monitored alarm system twenty-four (24) hours a day, seven (7) days a week at facilities where County PHI and/or County PII/PI is stored;
14.3.2.6 Ensure data centers with servers, data storage devices, and critical network infrastructure involved in the use or storage of County PHI and/or County PII/PI have perimeter security and access controls that limit access to only authorized Information Technology Staff. Visitors to the data center area must be escorted by authorized IT staff at all times;
14.3.2.7 Store paper records with County PHI and/or County PII/PI in locked spaces in any facilities that are multi- use, meaning that there are County PHI and/or County PII/PI functions and Contractor functions in one building in work areas that are not securely segregated. The contractor shall have policies that state workers shall not leave records with County PHI and/or County PII/PI unattended at any time in cars or airplanes and shall not check County PHI and/or County PII/PI on commercial flights; and
14.3.2.8 Use all reasonable means to prevent non-authorized personnel and visitors from having access to, control of, or viewing County PHI and/or County PII/PI.
Physical Security Controls. In connection with any Facilities, Provider shall.
Physical Security Controls. Target Data
