Security Gateways Sample Clauses

Security Gateways. Require Strong Authentication for administrative and/or management access to Security Gateways, including, but not limited to, any access for the purpose of reviewing log files.
Sample 1Sample 2Sample 3See All (7)
Security Gateways. For access to Security Gateways ensure that user authorization levels to administer and manage Security Gateways are appropriate, and that all rule sets either explicitly or implicitly “DENY ALL” inbound access except where there is a business need, and then with strong authentication. For access to In-Scope Information and for host devices that support it, assign unique credentials (eg. UserIDs, passwords) to authorized individual users, assign individual ownership to system service accounts, and ensure that system service accounts are not shared by administrators.
Sample 1Sample 2Sample 3See All (4)
Security Gateways. The Supplier shall: 10.1 Require Strong Authentication for administrative and/or management access to Security Gateways, including any access for the purpose of reviewing log files. 10.2 Have and use documented controls, policies, processes and procedures to ensure that unauthorized users do not have administrative and/or management access to Security Gateways, and that user authorization levels to administer and manage Security Gateways are appropriate. 10.3 At least once every six (6) months, ensure that Security Gateway configurations are hardened by selecting a sample of Security Gateways and verifying that each default rule set and set of configuration parameters are implemented. 10.4 Use monitoring tools to validate that all aspects of Security Gateways (e.g., hardware, firmware, and software) are continuously operational. 10.5 Configure and implement all Security Gateways such that all non-operational Security Gateways shall deny all access. 10.6 Configure real-time alerting for changes to the Security Gateway configuration and/or rule base.
Sample 1
Security Gateways. The Supplier shall: 14.1 Require Strong Authentication for administrative and/or management access to Security Gateways, including any access for the purpose of reviewing log files. 14.2 Have and use documented controls, policies, processes and procedures to ensure that unauthorized users do not have administrative and/or management access to Security Gateways, and that user authorization levels to administer and manage Security Gateways are appropriate. 14.3 At least once every six (6) months, ensure that Security Gateway configurations are hardened by selecting a sample of Security Gateways and verifying that each default rule set and set of configuration parameters are implemented, including: (a) Internet Protocol (IP) source routing is disabled; (b) The loopback address is prohibited from entering the internal network; (c) Anti-spoofing filters are implemented; (d) Broadcast packets are disallowed from entering the network; (e) Internet Control Message Protocol (ICMP) redirects are disabled; (f) All rule sets end with a “DENY ALL” statement; and (g) Each rule is traceable to a specific business request. 14.4 Use monitoring tools to validate that all aspects of Security Gateways (e.g., hardware, firmware, and software) are continuously operational. 14.5 Configure and implement all Security Gateways such that all non-operational Security Gateways shall deny all access. 14.6 Configure real-time alerting for changes to the Security Gateway configuration and/or rule base.
Sample 1

Related to Security Gateways

  • Security Cameras Security cameras have been installed throughout the Facility; however, they will not routinely be used in areas where there is an expectation of privacy, such as restrooms or patient care areas.

  • Security System The site and the Work area may be protected by limited access security systems. An initial access code number will be issued to the Contractor by the County. Thereafter, all costs for changing the access code due to changes in personnel or required substitution of contracts shall be paid by the Contractor and may be deducted from payments due or to become due to the Contractor. Furthermore, any alarms originating from the Contractor’s operations shall also be paid by the Contractor and may be deducted from payments due or to become due to the Contractor.

  • Security Systems The Service may not be compatible with security systems. You may be required to maintain a telephone connection through your local exchange carrier in order to use any alarm monitoring functions for any security system installed in your home or business. You are responsible for contacting the alarm monitoring company to test the compatibility of any alarm monitoring or security system with the Service.

  • Security Safeguards Contractor shall maintain a comprehensive security program that is reasonably designed to protect the security, privacy, confidentiality, and integrity of District Data. Contractor shall store and process District Data in accordance with industry standards and best practices, including implementing appropriate administrative, physical, and technical safeguards that are no less rigorous than those outlined in CIS Critical Security Controls (CIS Controls), as amended, to secure such data from unauthorized access, disclosure, alteration, and use. Contractor shall ensure that all such safeguards, including the manner in which District Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with all applicable federal and state data protection and privacy laws, regulations and directives, including without limitation the Act, as well as the terms and conditions of this Addendum. Without limiting the foregoing, and unless expressly agreed to the contrary in writing, Contractor warrants that all electronic District Data will be encrypted in transmission and at rest in accordance with NIST Special Publication 800-57, as amended, or such other standard as the District’s Chief Privacy Officer or designee may agree to in writing. Contractor shall also encrypt any backup, backup media, removable media, tape, or other copies. In addition, Contractor shall fully encrypt disks and storage for all laptops and mobile devices.

  • Security Management The Contractor shall comply with the requirements of the DOD 5200.1-M and the DD Form 254. Security of the Contractor’s electronic media shall be in accordance with the above documents. Effective Program Security shall require the Contractor to address Information Security and Operations Security enabled by the Security Classification Guides. The Contractor’s facility must be able to handle and store material up to the Classification Level as referenced in Attachment J-01, DD Form 254.

  • Connectivity User is solely responsible for providing and maintaining all necessary electronic communications with Exchange, including, wiring, computer hardware, software, communication line access, and networking devices.

  • Cameras 3.2 NSP items may only be acquired through the Contractor or their Authorized Dealer and must be reported quarterly with all other sales under the Master Agreement. 3.3 NSP items must be priced at a minimum discount of 15% from MSRP or List Price. 3.4 NSP items may be offered to a Purchasing Entity as a stand-alone option, and the maximum allowable amount of all NSP items in a single Order shall be determined by the Participating State or Entity. 3.5 It shall be at the discretion of the Participating State or Entity to allow Open Market Items in their Participating Addendum.

  • Security Protocols Both parties agree to maintain security protocols that meet industry standards in the transfer or transmission of any data, including ensuring that data may only be viewed or accessed by parties legally allowed to do so. Provider shall maintain all data obtained or generated pursuant to the Service Agreement in a secure digital environment and not copy, reproduce, or transmit data obtained pursuant to the Service Agreement, except as necessary to fulfill the purpose of data requests by LEA.

  • Infrastructure Vulnerability Scanning Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables monthly and external environments related to Deliverables weekly. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days.

  • Records Maintenance; Access Contractor shall maintain all financial records relating to this Contract in accordance with generally accepted accounting principles. In addition, Contractor shall maintain any other records, books, documents, papers, plans, records of shipments and payments and writings of Contractor, whether in paper, electronic or other form, that are pertinent to this Contract (“Records”) in such a manner as to clearly document Contractor's performance. Contractor acknowledges and agrees that Agency and the Oregon Secretary of State's Office and the federal government and their duly authorized representatives will have access to such financial records and other Records that are pertinent to this Contract, whether in paper, electronic or other form, to perform examinations and audits and make excerpts and transcripts. Contractor shall retain and keep accessible all such financial records and other Records for a minimum of 6 years, or such longer period as may be required by applicable law, following final payment and termination of this Contract, or until the conclusion of any audit, controversy or litigation arising out of or related to this Contract, whichever date is later.