Physical and environmental security definition

Physical and environmental security. If we are hosting the Services, we will be hosting our product infrastructure with multi-tenant, outsourced infrastructure providers. According to documentation and attestations from the providers, the physical and environmental security controls are audited for SOC 2 Type II and ISO 27001 compliance, among other certifications.

Split View

AI-Powered Contracts

Draft, Review & Redline at the Speed of AI

Get StartedBook a Demo

Physical and environmental security. Lightspeed hosts its product infrastructure with multi-tenant, outsourced infrastructure providers. The physical and environmental security controls are audited for SOC 2 Type II, ISO 27001 and PCI DSS compliance, among other certifications. Authentication: Lightspeed implemented a uniform password policy for its customer products. All users who needs to interact with the products via any interface must authenticate before accessing non-public customer data. Authorization: Customer data is stored in multi-tenant storage systems accessible to Customers via only application user interfaces and application programming interfaces. Customers are not allowed direct access to the underlying application infrastructure. The authorization model in each of Lightspeed's product is designed to ensure that only the appropriately assigned individuals can access relevant features, views, and customization options. Authorization to data sets is performed through validating the user's permissions against the attributes associated with each data set.

Physical and environmental security. Applozic hosts its product infrastructure with multi- tenant, outsourced infrastructure providers. The physical and environmental security controls are audited for SOC 2 Type II and ISO 27001 compliance, among other certifications.

Examples of Physical and environmental security in a sentence

• Physical and environmental security: We host our product infrastructure with multi-tenant, outsourced infrastructure providers.

• Physical and environmental security: We host our product infrastructure with multi- tenant, outsourced infrastructure providers.

• Physical and environmental security measures are in place to prevent illegitimate or accidental access, loss or dissemination of data.

• Physical and environmental security measures are in place to prevent illegitimate or accidental access, loss or dissemination of data in the various facilities.

• Physical and environmental security plans must exist for facilities and scenarios involving access or storage of Customer’s Personal Data.

• Physical and environmental security plans must exist for facilities and scenarios involving access or storage of Customer Data.

• Physical and environmental security: MentorcliQ’s underlying data hosting provider possesses the physical and environmental security controls audited for under SOC 2 Type II and ISO 27001 compliance, among other certifications.

• Physical and environmental security: Blogman DMCC hosts its product infrastructure with multi-tenant, outsourced infrastructure providers.

• Physical and environmental security: We host our Integration infrastructure with multi-tenant, outsourced infrastructure providers.

• Measures for ensuring physical security of locations at which personal data are processed Physical and environmental security of data centre, server room facilities and other areas containing Personal Data designed to: (i) protect information assets from unauthorised physical access, (ii) manage, monitor and log movement of persons into and out of Supplier facilities, and (iii) guard against environmental hazards such as heat, fire and water damage.

More Definitions of Physical and environmental security

Physical and environmental security. Ably hosts its product infrastructure with multi-tenant, outsourced infrastructure provider Amazon Web Services Inc. The physical and environmental security controls are audited for SOC 2 Type 2II (▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇.▇▇▇/compliance/soc-faqs/https://▇▇▇.▇▇▇▇▇▇.▇▇▇/compliance/soc-faqs/) and ISO 27001 (▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇.▇▇▇/compliance/iso-27001-faqs/) compliance, among other certifications. Authentication: Ably has implemented a uniform password policy for its customer products. Customers who interact with the products via the user interface must authenticate before accessing non-public customer data. Authorization: Customer data is stored in multi-tenant storage systems accessible to Customers via only application user interfaces and application programming interfaces. Customers are not allowed direct access to the underlying application infrastructure. The authorization model in each of Ably’s products is designed to ensure that only the appropriately assigned individuals can access relevant features, views, and customization options. Authorization to data sets is performed through validating the user’s permissions against the attributes associated with each data set. Application Programming Interface (API) access: Public product APIs may be accessed using an API key.

Physical and environmental security. Soliton OneGate service infrastructure is hosted on Google Cloud Platform and logically and physically secured from Soliton’s internal IT systems.  To maintain the availability of the Soliton OneGate service, the service utilizes a redundancy configuration within the same Google Cloud region so that if one data center is down, the service can continue to be available through another data center. All data is backed up on a daily basis.  Soliton maintains an ISMS certification, and its system is audited by an indipendent auditor. Soliton’s Management review periodic report submitted by its system administrators regarding its Information System Management System. The reports include how the instructions given to the Management in the previous review have been taken care of.  Soliton’s personnel logging on to administrator accounts to access the systems within the Soliton OneGate infrastructure are requirefd to use Multi-Factor Authentication.  Users of the OneGate service are required to use a digital certificate-based Multi-Factor Authentication to use the Soliton OneGate service.  Soliton implements a room entrance management system that is designed to ensure that only personnel who are authenticated can enter the rooms from which the OneGate service is accessible.  The OneGate service system logs are regularly monitored and stored on Google Cloud Platform.  Soliton implements a system that automatically sends alerts regarding certain unusual or suspicious events.  The number of the ports, protocol and services accessible to the Soliton OneGate system are restricted to the minimum required level.  Soliton has established and comply with its security requirements policy for OneGate concerning access to and the retention, processing and disposal of data for the OneGate service (confidential).  Soliton implements and maintains its physical security control rules, which include, among others, the following o No business data must be stored in laptops or portable devices. o If a laptop or a portable device is lost, the administrator immediately disables access from the device to all business data controlled by Soliton. o No data on the OneGate system must be copied or transferred outside of the system.  Soliton requires that any sub-processor it engages to provde the Service on its behalf in connection with this DPA does so solely on the basis of a written contract which imposes on such sub-processor terms no less protective of Personal Data than thos...

Physical and environmental security. We host our services infrastructure with multi-tenant, outsourced infrastructure providers. The physical and environmental security controls are audited for SOC Type II and ISO 27001 compliance, among other certifications. Authentication: We implement a uniform password policy for our customer services. Customers who interact with the services via the user interface must authenticate before accessing non-public customer data. Authorisation: Customer Data is stored in multi-tenant storage systems accessible to customers via only application user interfaces and application programming interfaces. Customers are not allowed direct access to the underlying application infrastructure. The authorisation model in each of our services is designed to ensure that only the appropriately assigned individuals can access relevant features, views, and customisation options. Authorisation to data sets is performed through validating the user's permissions against the attributes associated with each data set. Application programming interface API access: Public service API’s may be accessed using an API key or through Oauth authorisation.