Specific Information Security Requirements Clause Samples
Specific Information Security Requirements. In addition to the General Information Security Program standards above, Supplier, Supplier Staff, and Subcontractors shall comply with the following authorizations and minimum standards when accessing, using or storing Reserve Bank PII:
(a) Minimum Standards for Storage on Laptops and Mobile Computing and Mobile Storage Devices. Supplier must have written policies requiring the use of encryption and physical access controls (e.g., within a locked office, desk, filing cabinet, or file room) for storage on laptops and mobile computing and mobile storage devices.
Specific Information Security Requirements. In addition to the General Information Security Program standards in Schedule C, Credit Administrator, Credit Administrator staff, and subcontractors performing Services shall comply with the following authorizations and minimum standards when accessing, using or storing Reserve Bank PII:
(a) Minimum Standards for Storage on Laptops and Mobile Computing and Mobile Storage Devices. Credit Administrator must have written policies requiring the use of encryption and physical access controls (e.g., within a locked office, desk, filing cabinet, or file room) for storage on laptops and mobile computing and mobile storage devices.
(b) Minimum Standards for Printing. Printed Reserve Bank PII requires a conspicuous label that Credit Administrator would ordinarily use to indicate the sensitivity and confidentiality of its own information. Where technically and operationally feasible, the labeling or marking must be on every page, including any cover memorandums or title pages. Otherwise, a conspicuous cover sheet labeled or marked as Credit Administrator would its own sensitive and confidential information must be attached.
(c) Minimum Standards for Marking Digital Versions.
(d) Minimum Standards for Transmission. Reserve Bank PII in digital form, including email and fax, must be encrypted during transmission.
(e) Minimum Standards for Storage in Print and Digital Formats. Storage of Reserve Bank PII information on printed media requires physical access controls (e.g., within a locked office, desk, filing cabinet, or file room).
(f) Minimum Standards for Media Sanitation. Reserve Bank PII stored on electronic media or similar equipment to be reused, repaired, or disposed of must be This includes computers, printers, fax machines, BlackBerrys, Phones, and any other devices that have memory or storage that may contain Reserve Bank PII.
(g) Minimum Standards for Remote Access. If authorized, remote access to Reserve Bank PII must be through
Specific Information Security Requirements. In addition to the General Information Security Program standards above, Supplier, Supplier Staff, and Subcontractors shall comply with the following authorizations and minimum standards when accessing, using or storing Reserve Bank PII:
(a) Minimum Standards for Storage on Laptops and