STATE OWNED DATA. a. SUB-CONTRACTOR agrees to comply with the following requirements to ensure the preservation, security, and integrity of State-owned data on portable computing devices and portable electronic storage media: i. Encrypt all State-owned data stored on portable computing devices and portable electronic storage media using government-certified Advanced Encryption Standard (AES) cipher algorithm with a 256-bit or 128-bit encryption key to protect CALTRANS data stored on every sector of a hard drive, including temp files, cached data, hibernation files, and even unused disk space. ii. Data encryption shall use cryptographic technology that has been tested and approved against exacting standards, such as FIPS 140-2 Security Requirements for Cryptographic Modules. iii. Encrypt, as described above, all State-owned data transmitted from one computing device or storage medium to another. iv. Maintain confidentiality of all State-owned data by limiting data sharing to those individuals contracted to provide services on behalf of the State of California, and limit use of State of California information assets for State of California purposes only. v. Install and maintain current anti-virus software, security patches, and upgrades on all computing devices used during the course of the Contract.
Appears in 11 contracts
Samples: Contract to Administer the Back 2 Work Program, Contract to Administer the Back 2 Work Program, Contract to Administer the Back 2 Work Program
