Technical Security Requirements Sample Clauses

Technical Security Requirements. 6.1. The systems used to access or manage DCC Data must be under the management authority of the Contractor and have a minimum set of security policy configuration enforced. Such configuration shall be described in the Security Management Plan, and include consideration of:
Sample 1Sample 2Sample 3See All (4)
AutoNDA by SimpleDocs
Technical Security Requirements. The Service will:  Ensure that any Council data which resides on a mobile, removable or physically uncontrolled device is stored encrypted using a product which has been formally assured through a recognised certification process.  Ensure that any Council data which it causes to be transmitted over any public network (including the Internet, mobile networks or un-protected enterprise network) or to a mobile device shall be encrypted when transmitted.  Must operate an appropriate access control regime to ensure users and administrators are uniquely identified.  Ensure that any device which is used to process Council data meets all of the security requirements set out in the National Cyber Security Centre (NCSC) End User Devices Platform Security Guidance.  At their own cost and expense, procure an IT Health Check from a certified supplier and penetration test performed prior to any live data being transferred into their systems.  Perform a technical information risk assessment on the service supplied and be able to demonstrate what controls are in place to address those risks.  Collect audit records which relate to security events in delivery of the Service or that would support the analysis of potential and actual compromises. The retention period for audit records and event logs shall be a minimum of 6 months.  Must be able to demonstrate they can supply a copy of all data on request or at termination, and must be able to securely erase or destroy all data and media that the Council data has been stored and processed on.  Not, and will procure that none of its sub-contractors, process the Council’s data outside the European Economic Area (EEA).  Implement security patches to vulnerabilities in accordance with the timescales specified in the NCSC Cloud Security Principle 5.  Ensure that the service is designed in accordance with NCSC principles, security design principles for digital services, bulk data and cloud security principle.  Implement such additional measures as agreed with the Council from time to time in order to ensure that such information is safeguarded in accordance with the applicable legislative and regulatory obligations.
Sample 1Sample 2

Related to Technical Security Requirements

  • Additional security requirements The following provisions apply in respect of any Additional Security provided:

  • Security Requirements 11.1 The Supplier shall comply, and shall procure the compliance of the Suppliers Personnel, with the Security Policy and the Security Plan and the Supplier shall ensure that the Security Plan produced by the Supplier fully complies with the Security Policy.

  • Federal Medicaid System Security Requirements Compliance Party shall provide a security plan, risk assessment, and security controls review document within three months of the start date of this Agreement (and update it annually thereafter) in order to support audit compliance with 45 CFR 95.621 subpart F, ADP System Security Requirements and Review Process.

  • Data Security Requirements A. Data Transport. When transporting Confidential Information electronically, including via email, the data will be protected by:

  • Information Security Requirements In cases where the State is not permitted to manage/modify the automation equipment (server/computer/other) that controls testing or monitoring devices, the Contractor agrees to update and provide patches for the automation equipment and any installed operating systems or applications on a quarterly basis (at minimum). The Contractor will submit a report to the State of updates installed within 30 days of the installation as well as a Plan of Actions and Milestones (POA&M) to remediate any vulnerabilities ranging from Critical to Low. The contractor will provide an upgrade path or compensatory security controls for any operating systems and applications listed as beyond “end-of-life” or EOL, within 90 days of the EOL and complete the EOL system’s upgrade within 90 days of the approved plan.

  • Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.

  • Facility Requirements 1. Maintain wheelchair accessibility to program activities according to governing law, including the Americans With Disabilities Act (ADA), as applicable.

  • Safety Requirements 18.1.1 The Concessionaire shall comply with the provisions of this Agreement, Applicable Laws and Applicable Permits and conform to Good Industry Practice for securing the safety of the Users. In particular, the Concessionaire shall develop, implement and administer a surveillance and safety program for providing a safe environment on or about the Project, and shall comply with the safety requirements set forth in Schedule-L (the “Safety Requirements”).

  • Accessibility Requirements Under Tex. Gov’t Code Chapter 2054, Subchapter M, and implementing rules of the Texas Department of Information Resources, the System Agency must procure Products and services that comply with the Accessibility Standards when those Products are available in the commercial marketplace or when those Products are developed in response to a procurement solicitation. Accordingly, Grantee must provide electronic and information resources and associated Product documentation and technical support that comply with the Accessibility Standards.

  • Technology Requirements The Customer is required to obtain and maintain, at the Customer’s own expense, compatible Electronic Channels, hardware, operating systems, and software approved for such use by Royal Bank, and which are up-to-date and unaltered from manufacturer specifications. Royal Bank is not responsible for, and makes no representations or warranties of any nature, with respect to any such Electronic Channels, hardware, operating systems, and software provided by any other Person. Royal Bank has the right, in its sole discretion, without notice, to make changes to this Service from time to time which may result in the Customer’s Electronic Channels, hardware, operating systems, and software no longer being compatible with this Service, and in such event, Royal Bank will have no responsibility or liability to the Customer or any other Person.

Time is Money Join Law Insider Premium to draft better contracts faster.