Security Training means any training, instruction or qualification required in terms of any law before a person may be registered as a security service provider or allowed to render a particular security service;
Security Training shall address security topics to educate users about the importance of information security and safeguards against data loss, misuse or breach through physical, logical and social engineering mechanisms. Training materials should address industry standard topics which include, but are not limited to: • The importance of information security and proper handling of personal information. • Physical controls such as visitor protocols, safeguarding portable devices and proper data destruction. • Logical controls related to strong password selection/best practices. • How to recognize social engineering attacks such as phishing.
Security Training. Data Importer shall provide annual security awareness and data privacy training for its employees that will have access to personal data. Job Control – Controls based on “least privilege” whereby authorized users are granted access as necessary to carry out their roles and responsibilities. Separation of Data – Managed using logical access separation. Confidentiality – Data Importer’s policies require that any new employees undergo, upon hire and prior to being granted access to personal data, a background check, where lawfully permitted, and enter into a confidentiality agreement, consistent with the confidentiality obligations of Data Importer under the Agreement and this Addendum that are applicable to the work performed by such employees.
More Definitions of Security Training
Security Training. Data Importer shall provide annual security awareness and data privacy training for its employees that will have access to personal data. Separation of Data – Data Importer uses technical capabilities such as logical access separation to achieve data separation Human Resources Security – Data Importer’s policies require that any new employees undergo, upon hire and prior to being granted access to personal data, a background check, where lawfully permitted, and enter into a confidentiality agreement, consistent with the confidentiality obligations of Data Importer under the Agreement and this Addendum that are applicable to the work performed by such employees. Business Continuity and Disaster Recovery - Data Importer shall maintain policies and procedures to ensure that Data Importer may continue to perform business critical functions in the face of an extraordinary event. This includes data center resiliency and disaster recovery procedures for business-critical data and processing functions.