Technical Controls Sample Clauses

Technical Controls. 4.1.1 Whilst Operational Controls may include either administrative or technical entitlement controls the most effective Operational Controls are likely to include technical entitlement systems supported by documented administrative procedures. 4.1.2 A possible component of an Operational Controls framework is the deployment of a permissioning system to assist in the correct distribution and reporting of Data. 4.1.3 In order to be considered effective in any period Operational Controls must operate and report at the level of individual Units of Count and auditable evidence of their operation must be maintained. Please refer to the Market Data Audit Guidelines for further details. 4.1.4 In the absence of effective Operational Controls, applied at the Device or Unique User Id level, the Exchanges reserve the right to apply Data Charges on the basis of reasonable estimates of Devices or Unique User Ids with access to the Data. For example if Data is fed into a network which does not control access, then all Devices or Unique User Ids, with access to that network must be reported as fee liable for all levels of Data available within the network.

Technical Controls. 5.1 The Collaborator Institution shall implement appropriate end point security, including firewall, anti-virus, anti-spyware and other anti-malware software and technologies on all laptops, desktops and servers it uses to process the Materials. 5.2 The Collaborator Institution shall update its firewall, anti-virus, anti-spyware and other anti-malware software and technologies on a regular basis to ensure that they protect against then-current virus, spyware and other malware threats. 5.3 The Collaborator Institution shall ensure that updates and patches of critical software and firmware are applied within a reasonably prompt time period. 5.4 The Collaborator Institution shall mitigate external attacks using a number of methods, including the use of Intrusion Prevention and Detection Systems (IPS/IDS) in addition to firewall and anti-virus measures, with appropriate monitoring in place. 5.5 Where remote access is provisioned, controls must be implemented to ensure only authorised devices access IT systems and resilient to brute force attacks. 5.6 The Collaborator Institution shall take all reasonable measures to ensure that vulnerabilities are discovered and addressed within a reasonable time frame. These measures could include internal vulnerability scanning and the use of independent external auditors (penetration testing).

Technical Controls. Institute Members shall maintain computer security by using technical safeguards that are adequate to protect the information contained in electronic or physical media files. For example, strong authentication protocols for system access, access control lists forcing limitation of access based on roles, and automated audit trails to enable system security personnel to trace any additions or changes back to whoever initiated them, and to indicate where and when the change was carried out. Other recommended technical controls can include (without limitation) disabling USB drives, printers, logging who accesses confidential information, when it was accessed, what activities were performed; installing tracking software and/or mobile device management software; vetting third-parties for data security capabilities.

Technical Controls. 4.1.1 Whilst Operational Controls may include either administrative or technical entitlement controls the most effective Operational Controls are likely to include technical entitlement systems supported by documented administrative procedures.

Technical Controls. If Customer’s use of a Cloud Service materially degrades the performance of such Cloud Service for other customers, rate limiting controls may result in the temporary reduction or a pause in the responsiveness of a Cloud Service. Furthermore, Customer shall contact Elastic if Customer desires to assess performance by benchmarking for more than five minutes.

Technical Controls. 4.1 The Applicant shall implement appropriate firewall, anti-virus, anti-spyware and other anti-malware software and technologies on all networks and systems it uses to process the Materials. 4.2 The Applicant shall update its firewall, anti-virus, anti-spyware and other anti-malware software and technologies on a regular basis to ensure that they protect against then-current virus, spyware and other malware threats. 4.3 The Applicant shall ensure that updates and patches of critical software and firmware are applied within a reasonable time period. 4.4 The Applicant shall mitigate external attacks by a number of methods, including the use of Intrusion Prevention and Detection Systems (IPS/IDS) in addition to firewall and anti-virus measures, with appropriate monitoring in place. 4.5 Where remote access is provisioned controls must be implemented to ensure only authorised devices access IT systems. 4.6 The Applicant shall take reasonable measures to ensure that vulnerabilities are discovered and addressed within a reasonable time frame. These measures could include internal vulnerability scanning and use of independent external auditors (penetration testing).

Technical Controls. PTV, employees of PTV and subcontractors of PTV (collectively employees and subcontractors of PTV are “PTV’s Personnel”) will implement and maintain appropriate technical, logical, administrative, physical, human and organizational measures (such as training and monitoring) and other protections for Customer’s Confidential Information, which PTV expressly acknowledges includes sensitive information and PII, and such measures and protections shall take into account any change in the nature of the data, expanded or different definitions of PII, and shall be in accordance with applicable law, industry standards and federal and state agency guidelines, as such standards, law and guidelines may evolve, including but not limited to controls consistent with and adopted pursuant to DoD, ISO 22301, 27001 and 27002, NIST, the NIST Cybersecurity Framework, and regulatory action and guidance by the Federal Trade Commission, including, without limitation and by example only: (i) host and network based intrusion detection systems, penetration tests (conducted through the use of a vendor other than PTV ); (ii) controls against unauthorized access (including, without limitation, viruses and malicious software); (iii) encryption of all Customer PII in transit electronically; and (iv) controls preventing the loading of Customer PII on any laptop computers, USB drives or other portable storage media, unless such Customer PII is encrypted and the loading of such Customer PII on such portable storage media is necessary for PTV to perform under the contract. In regard to Section 2(A)(i) of this Agreement, above, Customer, within its sole discretion and cost, shall select the third party PTV to conduct its own independent penetration and/or vulnerability testing of the PTV Cloud Service at its own expense.

Technical Controls. InterVision has implemented and shall maintain the following technical controls designed to protect Customer systems and data from disruption, loss, destruction or alternation, authorized access or unlawful disclosure:

Technical Controls. If MSP’s use of a Cloud Service materially degrades the performance of such Cloud Service for other customers, rate limiting controls may result in the temporary reduction or a pause in the responsiveness of such Cloud Service. Furthermore, MSP shall contact Elastic if MSP desires to assess performance by benchmarking for more than five minutes.

Technical Controls. Supplier will: a. establish and enforce access control policies and measures to ensure that only individuals who have a legitimate need to access Personal Information will have such access, including multi- factor authentication; b. promptly terminate an individual’s access to Personal Information when such access is no longer required for performance under the Agreement; c. maintain reasonable and up-to-date anti-malware, anti-spam, and similar controls on Supplier’s networks, systems, and devices; d. log the appropriate details of access to Personal Information on Supplier’s systems and equipment, plus alarms for attempted access violations, and retain such records for no less than 90 days; e. maintain controls and processes designed to ensure that all operating system and application security patches are installed within the timeframe recommended or required by the issuer of the patch; f. implement reasonable user account management procedures to securely create, amend, and delete user accounts on networks, systems, and devices through which Supplier accesses Personal Information, including monitoring redundant accounts and ensuring that information owners properly authorize all user account requests; and g. have the ability to restore the availability and access to Personal Information in a timely manner in the event of a physical or technical incident.