Access Control Supplier will maintain an appropriate access control policy that is designed to restrict access to Accenture Data and Supplier assets to authorized Personnel. Supplier will require that all accounts have complex passwords that contain letters, numbers, and special characters, be changed at least every 90 days, and have a minimum length of 8 characters.
Network Access Control The VISION Web Site and the Distribution Support Services Web Site (the “DST Web Sites”) are protected through multiple levels of network controls. The first defense is a border router which exists at the boundary between the DST Web Sites and the Internet Service Provider. The border router provides basic protections including anti-spoofing controls. Next is a highly available pair of stateful firewalls that allow only HTTPS traffic destined to the DST Web Sites. The third network control is a highly available pair of load balancers that terminate the HTTPS connections and then forward the traffic on to one of several available web servers. In addition, a second highly available pair of stateful firewalls enforce network controls between the web servers and any back-end application servers. No Internet traffic is allowed directly to the back-end application servers. The DST Web Sites equipment is located and administered at DST’s Winchester data center. Changes to the systems residing on this computer are submitted through the DST change control process. All services and functions within the DST Web Sites are deactivated with the exception of services and functions which support the transfer of files. All ports on the DST Web Sites are disabled, except those ports required to transfer files. All “listeners,” other than listeners required for inbound connections from the load balancers, are deactivated. Directory structures are “hidden” from the user. Services which provide directory information are also deactivated.
Access Controls a. Authorized Access - DST shall have controls that are designed to maintain the logical separation such that access to systems hosting Fund Data and/or being used to provide services to Fund will uniquely identify each individual requiring access, grant access only to authorized personnel based on the principle of least privileges, and prevent unauthorized access to Fund Data.
BUSINESS CONTINUITY/DISASTER RECOVERY In the event of equipment failure, work stoppage, governmental action, communication disruption or other impossibility of performance beyond State Street’s control, State Street shall take reasonable steps to minimize service interruptions. Specifically, State Street shall implement reasonable procedures to prevent the loss of data and to recover from service interruptions caused by equipment failure or other circumstances with resumption of all substantial elements of services in a timeframe sufficient to meet business requirements. State Street shall enter into and shall maintain in effect at all times during the term of this Agreement with appropriate parties one or more agreements making reasonable provision for (i) periodic back-up of the computer files and data with respect to the Trusts; and (ii) emergency use of electronic data processing equipment to provide services under this Agreement. State Street shall test the ability to recover to alternate data processing equipment in accordance with State Street program standards, and provide a high level summary of business continuity test results to the Trusts upon request. State Street will remedy any material deficiencies in accordance with State Street program standards. Upon reasonable advance notice, and at no cost to State Street, the Trusts retain the right to review State Street’s business continuity, crisis management, disaster recovery, and third-party vendor management processes and programs (including discussions with the relevant subject matter experts and an on-site review of the production facilities used) related to delivery of the service no more frequently than an annual basis. Upon reasonable request, the State Street also shall discuss with senior management of the Trusts any business continuity/disaster recovery plan of the State Street and/or provide a high-level presentation summarizing such plan.”
Access Rights Upon reasonable notice and supervision by the Granting Party, and subject to any required or necessary regulatory approvals, either the Connecting Transmission Owner or Developer (“Granting Party”) shall furnish to the other of those two Parties (“Access Party”) at no cost any rights of use, licenses, rights of way and easements with respect to lands owned or controlled by the Granting Party, its agents (if allowed under the applicable agency agreement), or any Affiliate, that are necessary to enable the Access Party to obtain ingress and egress at the Point of Interconnection to construct, operate, maintain, repair, test (or witness testing), inspect, replace or remove facilities and equipment to: (i) interconnect the Large Generating Facility with the New York State Transmission System; (ii) operate and maintain the Large Generating Facility, the Attachment Facilities and the New York State Transmission System; and (iii) disconnect or remove the Access Party’s facilities and equipment upon termination of this Agreement. In exercising such licenses, rights of way and easements, the Access Party shall not unreasonably disrupt or interfere with normal operation of the Granting Party’s business and shall adhere to the safety rules and procedures established in advance, as may be changed from time to time, by the Granting Party and provided to the Access Party. The Access Party shall indemnify the Granting Party against all claims of injury or damage from third parties resulting from the exercise of the access rights provided for herein.
Control Areas Tenant shall be allowed to utilize up to its pro rata share of the Hazardous Materials inventory within any control area or zone (located within the Premises), as designated by the applicable building code, for chemical use or storage. As used in the preceding sentence, Tenant’s pro rata share of any control areas or zones located within the Premises shall be determined based on the rentable square footage that Tenant leases within the applicable control area or zone. For purposes of example only, if a control area or zone contains 10,000 rentable square feet and 2,000 rentable square feet of a tenant’s premises are located within such control area or zone (while such premises as a whole contains 5,000 rentable square feet), the applicable tenant’s pro rata share of such control area would be 20%.
Control Documents (a) Each of the parties to the Control Documents has the legal right, power and authority to enter into and perform its/his/her obligations under each Control Document to which it/he/she is a party and has taken all necessary corporate action to authorize the execution, delivery and performance of, and has authorized, executed and delivered, each Control Document to which it/he/she is a party; (b) each Control Document constitutes a legally binding obligation of the parties thereto, enforceable in accordance with its terms; and (c) each Control Document is in full force and effect.
Business Continuity and Disaster Recovery Bank shall maintain and update from time to time business continuation and disaster recovery procedures with respect to its global custody business, which are designed, in the event of a significant business disruption affecting Bank, to be sufficient to enable Bank to resume and continue to perform its duties and obligations under this Agreement without undue delay or disruption. Bank shall test the operability of such procedures at least annually. Bank shall enter into and shall maintain in effect at all times during the term of this Agreement reasonable provision for (i) periodic back-up of the computer files and data with respect to Customer and (ii) use of alternative electronic data processing equipment to provide services under this Agreement. Upon reasonable request, Bank shall discuss with Customer any business continuation and disaster recovery procedures of Bank. Bank represents that its business continuation and disaster recovery procedures are appropriate for its business as a global custodian to investment companies registered under the 1940 Act.
Data Subjects Rights 5.1. Where a data subject asserts claims for rectification, erasure or access to Us, and where We are able to correlate the data subject to You, based on the information provided by the data subject, We shall refer such data subject to You without undue delay. We shall support You, where possible, and based upon Your instruction insofar as agreed upon. We shall not be liable in cases where You fail to respond to the data subject’s request completely, correctly, or in a timely manner. Notwithstanding the foregoing, if Your employee submits a data subject request in relation to Online Training Cloud, You agree that we can fulfill such request without Your further approval.
Access to Asset Review Materials The Servicer will give the Asset Representations Reviewer access to the Asset Review Materials for all of the Asset Review Receivables within sixty (60) days of receipt of the Asset Review Notice in one or more of the following ways: (i) by providing access to the Servicer’s lease asset systems, either remotely or at one of the properties of the Servicer; (ii) by electronic posting to a password-protected website to which the Asset Representations Reviewer has access; (iii) by providing originals or photocopies at one of the properties of the Servicer where the Asset Receivable Files are located; or (iv) in another manner agreed by the Servicer and the Asset Representations Reviewer. The Servicer may redact or remove Non-Public Personal Information (as defined in Section 4.8) from the Asset Review Materials so long as such redaction or removal does not change the meaning or usefulness of the Asset Review Materials for purposes of the Asset Review.
