NIST Cybersecurity Framework The U.S. Department of Commerce National Institute for Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity Version 1.1.
Security Standards The Provider shall implement and maintain commercially reasonable security procedures and practices that otherwise meet or exceed industry standards designed to protect Student Data from unauthorized access, destruction, use, modification, or disclosure, including but not limited to the unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of the Student Data (a "Security Breach"). For purposes of the DPA and this Exhibit G, "Security Breach" does not include the good faith acquisition of Student Data by an employee or agent of the Provider or LEA for a legitimate educational or administrative purpose of the Provider or LEA, so long as the Student Data is used solely for purposes permitted by SOPPA and other applicable law, and so long as the Student Data is restricted from further unauthorized disclosure.
Software Updates XXXXX agrees to keep current with software licensed from Skyward and will install new versions on a timeline approved by XXXXX governance. This timeline will be communicated by NWRDC to the Districts. School District Workstations Configuration requirements for devices and their software that school district personnel use to access WSIPC’s software modules can be found on our website: xxxxx://xxx.xxxxx.xxx/technology‐team/. State Reports XXXXX will provide, at no additional fee, all data reports required by the state that impact 50% or more of the school districts in the state. WSIPC and NWRDC will work with state agencies to gather requirements on the required data. WSIPC will inform NWRDC staff of any mandated changes to state reports and NWRDC will communicate the information to the District. Appendix B NWRDC FTE Fees Fiscal Only NWRDC Software Support Services XXXXX Software Licensing Total FTE Fee $13.63 $20.34 $33.97 $15.56 $13.08 $28.64 $24.52 $20.34 $44.86 Student Only Full Service
XXX Hosting 10.1 XXX Hosting is not required for resale in the BellSouth region.
Infrastructure Vulnerability Scanning Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables monthly and external environments related to Deliverables weekly. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days.
Technical Requirements for SCPs/Databases 10.5.3.1 BellSouth shall provide physical access to SCPs through the SS7 network and protocols with TCAP as the application layer protocol.