Web Security Sample Clauses

Web Security. Supplier will provide Seagate with the process for doing security- specific quality assurance testing for the application, for example, testing of authentication, authorization, and accounting functions, as well as any other activity designed to validate the security architecture.
Sample 1
AutoNDA by SimpleDocs
Web Security. Our web layer consists of a passcode encrypted web service with enforced business logic. The business logic restricts user activity based upon permission level such that data access is limited to role within the LEA organization. 3 Address the training received by your employees and any subcontractors engaged in the provision of services under the Contract on the federal and state laws that govern the confidentiality of PII. Our employees undergo annual training related to data handling and privacy/security issues. This includes protocols for sharing PII data, requiring it to be sent via a secure method, such as SFTP, instead of via email. Employees are also trained to avoid printing documents with PII unless required to do so and to refrain from sharing data with any person outside of their designated contact at the school or district or others that are explicitly authorized to receive such data. 4 Outline contracting processes that ensure that your employees and any subcontractors are bound by written agreement to the requirements of the Contract, at a minimum. All employees and subcontractors sign a NDA related to data handling. Any breach of this agreement is grounds for termination and the offending party may also risk criminal prosecution and civil penalties as a result. 5 Specify how you will manage any data security and privacy incidents that implicate PII and describe any specific plans you have in place to identify breaches and/or unauthorized disclosures, and to meet your obligations to report incidents to the EA. Details on the policies and procedures related to PII handling may be found here, but LinkIt! is committed to prompt notification of any breaches within seven (7) days after initial discovery. The company also performs internal scans to detect such breaches (or attempts) as well as regular penetration and vulnerability testing via a third party firm to identify and mitigate potential risks and vulnerabilities. 6 Describe how data will be transitioned to the EA when no longer needed by you to meet your contractual obligations, if applicable. Data will be transitioned to EA within 7 days of receipt of written request for the same, or, in the absence of such notice, within 60 days of termination of contract. A copy of the data set may also be provided to authorized EA staff upon request following the termination of the Agreement. 7 Describe your secure destruction practices and how certification will be provided to the EA. Written certifi...
Sample 1
Web Security. 1. At University of Louisiana at Lafayette's discretion, the ASP may be required to disclose the specific configuration files for any web servers and associated support functions (such as search engines or databases). 2. Please disclose whether, and where, the application uses Java, Javascript, ActiveX, PHP or ASP (active server page) technology. 3. What language is the application back-end written in? (C, Perl, Python, VBScript, etc.) 4. Please describe the ASP process for doing security Quality Assurance testing for the application. For example, testing of authentication, authorization, and accounting functions, as well as any other activity designed to validate the security architecture. 5. Has the ASP done web code review, including CGI, Java, etc, for the explicit purposes of finding and remediating security vulnerabilities? If so, who did the review, what were the results, and what remediation activity has taken place? If not, when is such an activity planned?
Sample 1
Web Security. Our web layer consists of a passcode encrypted web service with enforced business logic. The business logic restricts user activity based upon permission level such that data access is limited to role within the LEA organization. 3 Address the training received by your employees and any subcontractors engaged in the provision of services under the Contract on the federal and state laws that govern the confidentiality of PII. Our employees undergo annual training related to data handling and privacy/security issues. This includes protocols for sharing PII data, requiring it to be sent via a secure method, such as SFTP, instead of via email. Employees are also trained to avoid printing documents with PII unless required to do so and to refrain from sharing data with any person outside of their designated contact at the school or district or others that are explicitly authorized to receive such data.
Sample 1
Web Security a. The ASP will disclose the use of various web architecture and programming languages, including, but not limited to Java, JavaScript, ActiveX, PHP, Python, C, Perl, VBScript, etc. b. The ASP will describe the process for performing security testing for the application and or system accessing Department data. For example, testing of authentication, authorization, and accounting functions, or any other activity designed to validate the security architecture, including external and internal penetration testing. c. The ASP will disclose the methodology utilized for web code reviews, including CGI, Java, etc., for the explicit purposes of finding and remediating security vulnerabilities, the authorizing party who performed the review, results of the review, and what remediation activity has taken place.
Sample 1
Web Security. To prepare for our move to Secure Sockets Layer (SSL -- encrypted communication between servers and browsers) support for our websites, we chose xxxxxxxxx.xxx as the source of our SSL certificates.  Teleforms: Libraries reported that their patrons were not receiving “hold pickup” phone notices. The Teleforms log showed no problems and we could hear calls being made. When we listened closely, though, we could hear that “hold pickup” calls were being answered with the message, “You must dial an area code first.” All patron records in Sierra have area codes in their phone numbers, so we contacted III, who had us reapply a code and restart the server. That fixed the problem. There are other problems with Teleforms, though, that we continue to work with III to resolve.  Email: Some patrons report that they’re not receiving email notices. If not the usual suspect (Spam folder), then It may be that the volume of emails we send is causing ISPs to block us temporarily if they think we’re spammers. We’re trying to get whitelisted with Spectrum, since that’s one of the biggest ISPs and is used by many of the patrons who have reported this problem.  Sierra-cc: To log Sierra emails, we Bcc xxxxxx-xx@xxxx.xxx on every message. When looking at that account to troubleshoot a problem report, we saw that there were 1.2 million messages in the Inbox. We deleted all messages that were more than thirty days old, and installed a script that runs continually to delete old (> 30 days) messages automatically. (We send more than 85,000 hold and overdue emails a month.)  On the recommendation of the Cataloging Advisory Council we added a new Material Type: Digital Media.  FTP problem: As a result (we think) of our hardening of security on our servers, EGRN and XXXX lost the ability to ftp content to their WordPress sites on our linux web server. We made some adjustments to correct this problem.  Sierra Item Types/Loan Rules: As part of the Cataloging Advisory Council’s project to simplify and reduce the number of Item Types and Loan Rules, Xxx worked with SNLK, BRUN, NASSS, and other libraries to analyze and change theirs.  New Item Type: At BETH’s request, we created a new Sierra Item Type - 121: Instrument.
Sample 1
Web Security a. The ASP will disclose the use of various web architecture and programming languages, including, but not limited to Java, JavaScript, ActiveX, PHP, Python, C, Perl, VBScript, etc. b. The ASP will describe the process for performing security quality assurance testing for the application. For example, testing of authentication, authorization, and accounting functions, or any other activity designed to validate the security architecture. c. The ASP will disclose the methodology utilized for web code reviews, including CGI, Java, etc., for the explicit purposes of finding and remediating security vulnerabilities, the authorizing party who performed the review, results of the review, and what remediation activity has taken place.
Sample 1
AutoNDA by SimpleDocs

Related to Web Security

  • JOB SECURITY 23.01 Subject to the willingness and capacity of individual employees to accept relocation and retraining, the Employer will make every reasonable effort to ensure that any reduction in the work force will be accomplished through attrition.

  • E7 Security The Authority shall be responsible for maintaining the security of the Authority premises in accordance with its standard security requirements. The Contractor shall comply with all security requirements of the Authority while on the Authority premises, and shall ensure that all Staff comply with such requirements.

  • Network Security The AWS Network will be electronically accessible to employees, contractors and any other person as necessary to provide the Services. AWS will maintain access controls and policies to manage what access is allowed to the AWS Network from each network connection and user, including the use of firewalls or functionally equivalent technology and authentication controls. AWS will maintain corrective action and incident response plans to respond to potential security threats.

  • Internet Security The Service utilizes a comprehensive security strategy to protect your accounts and transactions conducted over the Internet. Prior to activating your access to the Service, our Internet Banking Department will verify your identity and authorization against information associated with the Eligible Account (s) that you request to be linked to the Service. Access IDs and Passcodes - One of the main security features protecting the Service is the unique combination of your Access Identification Code (Access ID) and Passcode. During the enrollment process, you will be asked to select a unique Access ID, and then choose a Passcode that will be used to gain access to the Service. You determine your own Passcode, which is encrypted in our database. Neither this Institution nor its Service Providers have access to this information. The Service will automatically deactivate your account after three unsuccessful login attempts within a 24-hour time frame. You may reset your passcode online or you may contact this Institution for assistance. Because your Passcode is used to access your accounts, you should treat it as you would any other sensitive personal data. • You should carefully select a Passcode that is hard to guess. • You should not use words based on your name, address or other personal information. • Special characters may be used to increase security. • Do NOT use dictionary words. The “Help” link within the Service will offer tips on choosing a secure Passcode that you can remember. • Keep your Passcode safe. • Memorize your Passcode and do NOT write it down. • You should also change your Passcode occasionally, such as every 90 days. • A Passcode should be changed immediately if you suspect that your Passcode has been compromised. This can be done at any time from the “User Services” menu after you log on to the Service. NEITHER THIS INSTITUTION NOR ITS SERVICE PROVIDERS WILL CONTACT YOU VIA TELEPHONE OR EMAIL REQUESTING PERSONAL INFORMATION, YOUR ACCESS ID, OR YOUR PASSCODE. IF YOU ARE CONTACTED BY ANYONE REQUESTING THIS INFORMATION, PLEASE CONTACT US IMMEDIATELY.

  • User Security You agree to take every precaution to ensure the safety, security and integrity of your account and transactions when using Mobile Banking. You agree not to leave your Device unattended while logged into Mobile Banking and to log off immediately at the completion of each access by you. You agree not to provide your username, password or other access information to any unauthorized person. If you permit other persons to use your Device, login information, or other means to access Mobile Banking, you are responsible for any transactions they authorize and we will not be liable for any damages resulting to you. You agree not to use any personally identifiable information when creating shortcuts to your Account. We make no representation that any content or use of Mobile Banking is available for use in locations outside of the United States. Accessing Mobile Banking from locations outside of the United States is at your own risk.

  • Server Security Servers containing unencrypted PHI COUNTY discloses to 4 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY 5 must have sufficient administrative, physical, and technical controls in place to protect that data, based 6 upon a risk assessment/system security review.

  • Not a Security None of the Notes shall be deemed to be a security within the meaning of the Securities Act of 1933 or the Securities Exchange Act of 1934.

  • Cyber Security Insurance for loss to the Owner due to data security and privacy breach, including costs of investigating a potential or actual breach of confidential or private information. (Indicate applicable limits of coverage or other conditions in the fill point below.) « »

  • Airport Security The Contractor shall be familiar with and conduct its operations in accordance with all regulations and directives of the Authority and the Transportation Security Administration, and any other federal, state or local government having jurisdiction over the airport, with respect to the maintenance of airport security.

  • Password Security You are responsible for maintaining adequate security and control of any and all User IDs, Passwords, hints, personal identification numbers (PINs), or any other codes that you use to access the Account. Do not discuss, compare, or share information about your account number or password unless you are willing to give them full use of your money. Any loss or compromise of the foregoing information and/or your personal information may result in unauthorized access to your Account by third-parties and the loss or theft of any funds held in your Account and any associated accounts, including your Account. Checks and electronic withdrawals are processed by automated methods, and anyone who obtains your account number or access device could use it to withdraw money from your account, with or without your permission. You are responsible for keeping your email address and telephone number up to date in order to receive any notices or alerts that we may send you. We assume no responsibility for any loss that you may sustain due to compromise of your account login credentials due to no fault of ours and/or your failure to follow or act on any notices or alerts that we may send to you. If you believe your Account information has been compromised, or that someone has transferred or may transfer money from your account without your permission, contact us immediately, through Synapse, at xxxx@xxxxxxxxx.xxx or call at +0(000) 000-0000. You agree to promptly review all Account and transaction records and other Communications that we make available to you and to promptly report any discrepancy to us.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!